Most SaaS adopters exposed to browser-borne attacks
Even though the adoption of SaaS apps started more than ten years ago, CISOs are still finding it challenging to tackle the accumulated security debt. Significant deficiencies The prevalence of phishing and account takeover attacks has raised signifi.....»»
Cybercriminals exploit file sharing services to advance phishing attacks
Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of ph.....»»
Organizations turn to biometrics to counter deepfakes
The risk of deepfakes is rising with 47% of organizations having encountered a deepfake and 70% of them believing deepfake attacks which are created using generative AI tools, will have a high impact on their organizations, according to iProov. Perce.....»»
Apple Podcasts launches web app, listen to your Up Next queue and library in a browser
Apple Podcasts is expanding to the web, starting today. You can access the new web app version at podcasts.apple.com, in desktop web browsers including Safari, Chrome, Edge and Firefox. For the first time, Apple Podcasts users can access their Up.....»»
Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, wh.....»»
Protecting academic assets: How higher education can enhance cybersecurity
Cyber attacks against higher education institutions increased by 70% in 2023. This is largely due to legacy endpoint security management and practices, limited IT support staff, and overwhelming amounts of data, much of which is PII (personally ident.....»»
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited.....»»
Banshee Stealer malware haunts browser extensions on macOS
Security researchers have discovered a new malware for macOS, which can be used to attack over 100 browser extensions that may be installed on the target Mac.Web browser extensions are the target of Banshee Stealer on macOSApple tries hard to make ma.....»»
Behold, Diablo is fully playable in your browser
It controls and looks great, though the game was outshined by its sequels. Enlarge / Diablo running in Firefox on macOS. (credit: Samuel Axon) You can now play the original Diablo (and its expansion, Hellfire) in virtual.....»»
Security experts just found a massive flaw with Google Pixel phones
Since 2017, millions of Pixels have shipped with a flawed app package. Now, a defense contractor has exposed the oversight......»»
New genetic analysis of Lyme disease-causing bacteria could improve diagnosis and treatment
A genetic analysis of Lyme disease bacteria may pave the way for improved diagnosis, treatment and prevention of the tick-borne ailment......»»
What you can do about the massive data breach that probably exposed all of your personal info
A recent data breach exposed sensitive information including social security numbers for billions of people globally, potentially leading to a significant increase in identity theft and cybercrimes. Here's what you need to know, and what you should d.....»»
Unlearning the RaaS Model: How ransomware attacks are evolving
Unlearning the RaaS Model: How ransomware attacks are evolving.....»»
DDoS attack volume rises, peak power reaches 1.7 Tbps
The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore. Peak attack power rose from 1.6 terabits per second (Tbps) in H2 2023 to 1.7 Tbps. DDoS attacks hit Gaming, tech, fi.....»»
Proton VPN browser extension is now free for all
You can now use the Proton VPN extension with all Chrome and Firefox browsers – even if you're not a paid subscriber......»»
Bumblebees" sense of direction rivals that of humans, study shows
Bumblebees have a great capacity to navigate despite their small brain size. This is borne out of new research conducted at Lund University in Sweden. The research results can potentially benefit the development of navigation robots in crisis situati.....»»
Current attacks, targets, and other threat landscape trends
In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. Whil.....»»
Lawsuit Attacks Florida’s Lab-Grown Meat Ban as Unconstitutional
Upside Foods, a leading cultivated-meat company, argues that the ban violates the US Constitution in several ways......»»
35% of exposed API keys still active, posing major security risks
Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every year. Hidden risks of secret sprawl in cloud and SaaS environments What’s.....»»
Browser backdoors: Securing the new frontline of shadow IT
Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT. Ultimately, more extension permissions result in potentially bigger attack su.....»»
Tick-borne red meat allergy prevented in mice through new nanoparticle treatment
Nanoparticles delivered intravenously in mice can block the allergic reactions to red meat caused by the bite of the lone star tick, new research led by the University of Michigan shows......»»