Industry Spotlight
KeePass Malicious Ads: Google Goof Permits Punycode Attacks Again
Richi Jennings | | IDN, IDN homograph phishing, internationalized domain names, KeePass, Punycode, SB Blogwatch
Mote below k: Not only malvertising, but also “verified by Google.” ...
Security Boulevard
Use of QR Codes in Phishing Campaigns is on the Rise
QR codes are quickly becoming a favorite tool of bad actors looking to launch phishing attacks, with one cybersecurity vendor saying the strategy appeared in 22% of phishing campaigns it detected in ...
Security Boulevard
EPA Withdraws Cybersecurity Requirements for Water Systems
The Environmental Protection Agency in March ordered states to begin assessing the cybersecurity of their public water systems, a part of the Biden Administration’s multi-pronged effort to shore up the protections around ...
Security Boulevard
Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in
Richi Jennings | | 0-day, 0-day exploits, 0-day vulnerability, 0day, cisco, Cisco IOS XE, CVE-2023-20198, SB Blogwatch, Zero Day Attacks, zero-day, Zero-Day Bug, Zero-day Exploit, zero-day exploits, zero-day flaw, zero-day flaws, zero-day threat, zero-day vulnerabilities, Zero-day Vulnerability, zero-days, zeroday, zerodayvulnerabilities
Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10 ...
Security Boulevard
RomCom Malware Group Targets EU Gender Equality Summit
A hacker group that continues to extend its reach from financially motivated attacks into cyber-espionage this summer targeted attendees of a gender equality conference with a pared-down version of the RomCom remote ...
Security Boulevard
Elon’s CSAM FAIL: Twitter Fined by Australian Govt.
Richi Jennings | | Australia, Australian Government, Child Abuse, child exploitation, Child Online Safety, child porn, child pornography, Child protection, Child Safety, child security online, child sexual exploitation, childpornography, CSAM, Digital Trust and Safety, Elon Musk, elon musk twitter, eSafety Commission, grooming, Julie Inman Grant, Linda Yaccarino, SB Blogwatch, trust and safety, Twitter, X
Straya strikes back: Musk’s mob declines to answer questions, breaking law dunundah ...
Security Boulevard
Microsoft Launches an AI Bug Bounty Program
As Microsoft aggressively integrates AI into its broad portfolio of products and services, the IT giant now is looking for help to ensure they are free of vulnerabilities. The company this month ...
Security Boulevard
NSA Releases EliteWolf GitHub Repository for Securing OT Environments
The National Security Agency released a code repository in GitHub to make it easier for critical infrastructure organizations and similar entities to better identify and detect potentially malicious activities in their operational ...
Security Boulevard
Stalking: Fear of Apple AirTag ‘Explodes’ — Lawsuit Momentum Grows
Richi Jennings | | AirTag, AirTags, Apple, Apple AirTag, cyberstalking, Digital Stalking, Find My iPhone, SB Blogwatch, Stalkerware, Stalking, Stalkware, Tracker Detect, trackers
This is why we can’t have nice things: 38 victims of Apple’s “negligence” named in amended class action ...
Security Boulevard
Hackers Still Abusing LinkedIn Smart Links in Phishing Attacks
Email security firm Cofense in 2022 uncovered a phishing campaign that abused LinkedIn’s Smart Links feature to redirect unsuspecting victims to malicious websites, another example of bad actors using a trusted source ...
Security Boulevard