Nexo Achieves Type 2 SOC 2 Audit, Reinforces Data Security Compliance

By Owais Sultan Nexo, the leading digital assets institution, announced a major milestone today as it successfully completed an independent Type… This is a post from HackRead.com Read the original post: Nexo Achieves Type 2 SOC 2 Audit, Reinforces Data Security Compliance

Iranian Hackers’ Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. “TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho,” Proofpoint said in a new report. “When […]

Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability

Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date. “As StackRot […]

Surviving the 800 Gbps Storm: Gain Insights from Gcore’s 2023 DDoS Attack Statistics

Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking […]

Critical RCE Vulnerability Puts 330,000 Fortinet Firewalls at Risk

By Deeba Ahmed The vulnerability has a CVSS score of 9.8 out of 10, is a critical security bug that affects Fortinet appliances and has been actively exploited in the wild. This is a post from HackRead.com Read the original post: Critical RCE Vulnerability Puts 330,000 Fortinet Firewalls at Risk

ChatGPT, the new rubber duck

Introduction Whether you are new to the world of IT or an experienced developer, you may have heard of the debugging concept of the ‘programmer’s rubber duck’. For the uninitiated, the basic concept is that by speaking to an inanimate object (e.g., a rubber duck) and explaining one’s code or the problem you are facing […]

INTERPOL Nabs Hacking Crew OPERA1ER’s Leader Behind $11 Million Cybercrime

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced. “The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 […]

Malicious ad for USPS fishes for banking credentials

We often think of malvertising as being malicious ads that push malware or scams, and quite rightly so these are probably the most common payloads. However, malvertising is also a great vehicle for phishing attacks which we usually see more often via spam emails. Threat actors continue to abuse and impersonate brands, posing as verified advertisers whose only […]

Google plans to scrape everything you post online to train its AI

Additions to Google’s Privacy Policy are making some observers worry that all of your content is about to be fed into Google’s AI tools. Alterations to the T&Cs now explicitly state that your “publicly available information” will be used to train in-house Google AI models alongside other products. From the Privacy Policy page: In some circumstances, Google also […]