Hot Topics

Cloud Security

Box data security, management, organizations, GDPR, Strike Force privacy, vendors, RFPs, cloud, data security DLP Iran DUMPS Conti Hackers Sandbox government HackerOne IBM data security

Data Security Posture Management: What’s Fact and What’s Fiction?

| | Cloud Security, Cybersecurity, data controls, Data Security, Data Security Posture Management
DSPM grants organizations full visibility over the security posture of cloud data assets and sensitive data and is extremely valuable to today’s security teams ...
Security Boulevard
The Google WebP logo

Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug

| | Buffer Overflow, buffer overflow attack, Buffer Overflow Vulnerabilities, buffer overflows, Chrome, Chromium, edge, Electron, Exploitable Vulnerabilities, Firefox, google, Heap Overflow, libwebp, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, opera, SB Blogwatch, secure software supply chain, slack, software supply chain, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, thunderbird, WebP
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Boulevard
The classic sign: “Welcome to fabulous Las Vegas, Nevada” all lit up in neon

What Happens in Vegas: MGM Resorts ‘Ransomware’ Attack

| | casino, casinos, las vegas, MGM Resorts, Ransomware, SB Blogwatch, Vegas
You’re welcome to it. Not happening in Vegas: 12 hotels and casinos—nor in many more elsewhere, neither ...
Security Boulevard
A man has fallen asleep on top of his books and papers

‘BLASTPASS’ iPhone Exploit — Apple Asleep at the Switch

| | Apple, BLASTPASS, Citizen Lab, FaceTime, FaceTime bug, imessage, ios, iPhone, NSO, NSO Group, Pegasus, Pegasus Spyware, Privacy, SB Blogwatch
Zero click, zero day, zero clue: Yet another iOS zero-day lets NSO’s Pegasus “mercenary spyware” cause chaos ...
Security Boulevard
Google Android malware

Google Kills 3rd-Party Cookies — but Monopolizes AdTech

| | adtech, Advertising, Advertising and AdTech, adverts, cookie, Cookie Consent, cookieconsent, cookies, FLEDGE, FLoC, Privacy, Privacy Sandbox, SB Blogwatch, Topics, tracking cookies, web cookie
Firefox looking good right now: “Privacy Sandbox” criticized as a proprietary, hypocritical, anti-competitive, self-serving contradiction ...
Security Boulevard
Two old vehicles rust away in a junkyard

This SUCKS: ‘Cars Are a Privacy Nightmare,’ Mozilla Fumes

| | automaker, Car, cars, cellular IoT, cellular IoT security, Connected Cars, Consumer IoT, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, Mozilla, Mozilla Foundation, New Cars, Privacy, Privacy4Cars, SB Blogwatch, vehicle, vehicle cybersecurity, vehicle OTAs
IoT cars considered harmful: Own a car? Care about your privacy? Mozilla Foundation has bad news for you ...
Security Boulevard
A lemur stares back at you, with a shocked expression

Sourcegraph’s Shocking Screwup: Private Secrets in Public Repo

| | AI, authentication token, compromised credentials, credential replay attacks, large language models, Large Language Models (LLM), Large language models (LLMs), LLM, pii, PII Leakage, Run-time Secrets Protection, SB Blogwatch, secret, secret key, secret keys, secret management, secrets scanning, Sourcegraph
Credentials create crisis: AI source code navigation LLM leaks PII after DevOps SNAFU ...
Security Boulevard
A phone home screen shows Signal and Telegram app icons

BadBazaar: Chinese Spyware Shams Signal, Telegram Apps

| | android, android spyware, APT15, BadBazaar, Flygram, google, Google Play Incompetence, Google Play Store, GREF, Lukas Stefanko, Nickel, Samsung, SB Blogwatch, signal, Signal Plus Messenger, spyware, Telegram, Vixen Panda
After sneaking into Google and Samsung app stores, “GREF” APT targets Uyghurs and other PRC minorities ...
Security Boulevard
A duck stares at you, straight on

Qakbot Cracked: FBI and Friends Hack the Hackers

| | aresloader, Black Basta Ransomware, botnet, botnets, Department of Justice, Department of Justice (DOJ), DOJ, Duck Hunt, FBI, Federal Bureau of Investigation, justice department, loaders, Pinkslipbot, Qakbot, qakbot malware, Qbot, SB Blogwatch, takedown, takedowns, U.S. Department of Justice, U.S. Justice Department, United States Department of Justice, US Department of Justice, US FBI
Operation Duck Hunt shoots to kill big botnet ...
Security Boulevard
GMail forwarding settings

Gmail Adds Extra Checks, Thwarting Sneaky Hackers

| | 2-factor authentication, 2fa, 2FA/MFA, FIDO, FIDO2, Gmail, google, Google Workspace, MFA, Multi-Factor Authentication (MFA), Passkeys, SB Blogwatch, TOTP, WebAuthn
Sensitive actions such as forwarding to be protected by extra 2FA step ...
Security Boulevard
Load more