Cybersecurity Risk Hunting

The Hacker News eBook Update Industrial Cybersecurity Pulse IT/OT eBook Download For Free Featured articles in this eBook include stories on extending IT security to the plant floor, IT/OT collaboration driving digitalization and lessons learned from the SolarWinds attack. Download your free resource now > This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

French Electricity Provider Fined for Insecurely Storing Users' Passwords

The Hacker News Daily Updates Cybersecurity Budget Tips that Deliver the Most Bang for Your Buck Discover the data behind which cybersecurity controls deliver the best ROI Download Now Sponsored LATEST NEWS Nov 30, 2022 Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an "unexpected behavior" in the npm command line interface (CLI) tool. npm CLI's install and audit commands have built-in capabilities to check a package and ... Read More This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms A malicious Android SMS application discovered on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide range of platforms like Facebook, Google, and WhatsApp. The app, named Symoo (com.vanjan.sms), had over 100,000 downloads and ... Read More French Electricity Provider Fined for Storing Users' Passwords with Weak MD5 Algorithm The French data protection watchdog on Tuesday fined electricity provider Électricité de France €600,000 for violating the European Union General Data Protection Regulation (GDPR) requirements. The Commission nationale de l'informatique et des libertés (CNIL) said the electric utility breached ... Read More Australia Passes Bill to Fine Companies up to $50 Million for Data Breaches The Australian government has passed a bill that markedly increases the penalty for companies suffering from serious or repeated data breaches. To that end, the maximum fines have been bumped up from the current AU$2.22 million to AU$50 million, 30% of an entity's adjusted turnover in the relevant ... Read More 3 New Vulnerabilities Affect OT Products from German Companies Festo and CODESYS Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list ... Read More Chinese Cyber Espionage Hackers Using USB Devices to Target Entities in Philippines A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. Mandiant, which is part of Google Cloud, is tracking the cluster under its uncategorized moniker UNC4191. An analysis of ... Read More New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and ... Read More Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx. The trend, called Invisible Challenge, involves applying a filter known as Invisible Body that just leaves behind a silhouette of the ... Read More Cybersecurity Budget Tips that Deliver the Most Bang for Your Buck Discover the data behind which cybersecurity controls deliver the best ROI Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Irish Regulator Fines Facebook $277 Million for Leak of Half a Billion Users' Data

The Hacker News Daily Updates Managing the IT Modernization Elephant A bite-sized approach to digital modernization. Download Now Sponsored LATEST NEWS Nov 29, 2022 Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx. The trend, called Invisible Challenge, involves applying a filter known as Invisible Body that just leaves behind a silhouette of the ... Read More 7 Cyber Security Tips for SMBs When the headlines focus on breaches of large enterprises like the Optus breach, it's easy for smaller businesses to think they're not a target for hackers. Surely, they're not worth the time or effort?  Unfortunately, when it comes to cyber security, size doesn't matter.  Assuming you're not a ... Read More Irish Regulator Fines Facebook $277 Million for Leak of Half a Billion Users' Data Ireland's Data Protection Commission (DPC) has levied fines of €265 million ($277 million) against Meta Platforms for failing to safeguard the personal data of more than half a billion users of its Facebook service, ramping up privacy enforcement against U.S. tech firms. The fines follow an ... Read More CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of ... Read More Researchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources. The issue relates to a confused deputy problem, a type of privilege escalation where a program that doesn't have permission to ... Read More The 5 Cornerstones for an Effective Cyber Security Awareness Training It's not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking total of 1,097,811 phishing attacks. These attacks continue to target organizations and individuals to gain their sensitive information.  The hard news: they're ... Read More Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks. BMC refers to a specialized service processor, a system-on-chip (SoC), that's found ... Read More Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages Twitter chief executive Elon Musk confirmed plans for end-to-end encryption (E2EE) for direct messages on the platform. The feature is part of Musk's vision for Twitter 2.0, which is expected to be what's called an "everything app." Other functionalities include longform tweets and payments, ... Read More Managing the IT Modernization Elephant A bite-sized approach to digital modernization. Download Now Sponsored This email was sent to myemailku.ghdbrevo2018@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India