lemmydev2

joined 11 months ago
sorted by: new top controversial old
5
Apple Vision Pro’s Eye Tracking Exposed What People Type (www.wired.com)
 

The Vision Pro uses 3D avatars on calls and for streaming. These researchers used eye tracking to work out the passwords and PINs people typed with their avatars.

9
Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe (thehackernews.com)
 

The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. "The statutory inquiry concerns the question of whether Google has complied

4
Losses due to cryptocurrency and BEC scams are soaring (www.helpnetsecurity.com)
 

Every type of fraud is on the rise, and 2023 was a particularly devastating year for victims of cryptocurrency and business email compromise (BEC) scams, according to the FBI. Cryptocurrency fraud Based on complaints filed to FBI’s Internet Crime Complaint Center (IC3) in 2023, the year saw over $5.6 billion in losses tied to cryptocurrency fraud alone, marking a dramatic 45% increase over 2022 figures. Criminals are exploiting the difficulties of tracing and recovering cryptocurrency … More → The post Losses due to cryptocurrency and BEC scams are soaring appeared first on Help Net Security.

9
About that Windows Installer 'make me admin' security hole. Here's how it's exploited (go.theregister.com)
 

What kind of OS can be hijacked by clicking a link at just the right time? Microsoft's In this week's Patch Tuesday Microsoft alerted users to, among other vulnerabilities, a flaw in Windows Installer that can be exploited by malware or a rogue user to gain SYSTEM-level privileges to hijack a PC.…

3
Mastercard Agrees to Buy Cyber-Defense Firm for $2.65 Billion (www.bloomberg.com)
 

Mastercard Inc. agreed to buy cyber-defense firm Recorded Future for $2.65 billion to boost its ability to protect the card company’s massive global-payments system.

3
The Rise of Bug Bounty Programs in S-1 Filings: A New Standard in Corporate Security (www.hackerone.com)
 

Learn why more organizations are including their bug bounty programs in S-1 filings and other corporate disclosures.

6
As quantum computing threats loom, Microsoft updates its core crypto library (arstechnica.com)
 

Two algorithms added so far, two more planned in the coming months.

2
Adobe fixes Acrobat Reader zero-day with public PoC exploit (www.bleepingcomputer.com)
 

A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit. [...]

18
Fake password manager coding test used to hack Python developers (www.bleepingcomputer.com)
 

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. [...]

17
We spent $20 to achieve RCE and accidentally became the admins of .MOBI (labs.watchtowr.com)
 

Comments

1
Chinese hackers linked to cybercrime syndicate arrested in Singapore (www.bleepingcomputer.com)
 

Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a "global syndicate." [...]

15
So you paid a ransom demand … and now the decryptor doesn't work (go.theregister.com)
 

A really big oh sh*t moment, for sure For C-suite execs and security leaders, discovering your organization has been breached, your critical systems locked up and your data stolen, then receiving a ransom demand, is probably the worst day of your professional life.…

view more: next ›