Tag
Citizen Lab’s new report, Hidden Links, uncovers a network of VPN providers like Turbo VPN and VPN Monster…
Fake Gmail security alerts are tricking users into inadvertently handing over control of their accounts to scammers. Here's what to look for.
A cyberattack on Manpower’s Michigan office compromised data for 144,000 people. Meanwhile, Workday reveals a data breach in…
Plus: ICE agents accidentally add a random person to a sensitive group chat, Norwegian intelligence blames the Kremlin for hacking a dam, and new facial recognition vans roam the UK.
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage accounts in unison to manipulate the prices of foreign stocks.
In this Dark Reading News Desk interview, Google's Mark Berschadski highlights the critical role browsers play in today's work environment and how Chrome Enterprise is evolving to meet modern security challenges while enabling productivity.
Dark Reading's Terry Sweeney and Google's Loren Hudziak discuss how the humble web browser has transformed from a simple web access tool into a common conduit through which a lot of business is done.
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Third-Party Components in SINEC OS Vulnerabilities: Improper Input Validation, Use After Free, Out-of-bounds Read, Incorrect Check of Function Return Value, Incorrect Comparison, Improper Control of Resource Identifiers ('Resource Injection'), Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), NULL Pointer Dereference, Excessive Platform Resource Consumption within a Loop, Allocation of Resources Without Limits or Throttling, Improper Restriction of Operations within the Bounds of a Memory Buffer, Buffer Copy with...
The breach of the US Courts records system came to light more than a month after the attack was discovered. Details about what was exposed—and who’s responsible—remain unclear.
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users." The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand,