Security News
X faces GDPR complaints for unauthorized use of data for AI training
European privacy advocate NOYB (None of Your Business) has filed nine GDPR complaints about X using the personal data from over 60 million users in Europe to train “Grok,” the social media company’s large language model. […]
Read MoreCrowdStrike Tries to Patch Things Up With Cybersecurity Industry
Both CrowdStrike president and CEO were at Black Hat and DEF CON to face direct questions from customers and cybersecurity professionals.
Read MoreUN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns
The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.
Read MoreAustralian gold producer Evolution Mining hit by ransomware
Evolution Mining has informed that it has been targeted by a ransomware attack on August 8, 2024, which impacted its IT systems. […]
Read MoreCriminal IP and Maltego Join Forces for Enhanced Cyber Threat Search
AI SPERA announced today that its IP address intelligence engine, Criminal IP, can now be integrated with Maltego’s unified user interface and is available on the Maltego’s marketplace, […]
Read MoreNew Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.
“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences.
“The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data
Microsoft discloses Office zero-day, still working on a patch
Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. […]
Read MoreMulti-Malware ‘Cluster Bomb’ Campaign Drops Widespread Cyber Havoc
“Unfurling Hemlock” has deployed malware on tens of thousands of systems worldwide by nesting multiple malicious files inside other malicious files.
Read MorePrudential Financial now says 2.5 million impacted by data breach
Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. […]
Read More