Google Cuts User Account Compromises in Half With Simple Change
More than 150 million Google users have seen their chance of compromise drop by half following the adoption of two-step verification, a process where users logging in to a Google service will be asked to respond to a push notification sent to a second device, the company said today. The result is an early sign…
“We absolutely do not care about you”: Sugar ransomware targets individuals
Ransomware tends to target organizations. Corporations not only house a trove of valuable data they can’t function without, but they are also expected to cough up a considerable amount of ransom money in exchange for their encrypted files. And while corporations struggle to keep up with attacks, ransomware groups have left the average consumer relatively…
When Multifactor Authentication Is Compromised: Fighting Back With AI
Multifactor authentication (MFA) became mainstream in 2021. Google began pushing to make MFA its default for all users. The Biden administration even required all federal agencies and contractors to implement MFA in its Executive Order on Improving the Nation’s Cybersecurity. MFA adds in extra layers of verifying a user’s identity so that attackers cannot compromise…
Log4j: Getting From Stopgap Remedies to Long-Term Solutions
While the worst of Log4Shell may be behind us and much work remains, let’s say “Well done” to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the Log4j vulnerability was last year’s problem, think again. In 2022, this vulnerability will require care and attention to fully…
Mac Malware-Dropping Adware Gets More Dangerous
The latest version of a Mac Trojan called UpdateAgent, aka WizardUpdate, provides fresh evidence of the growing effort that some threat actors are putting into targeting Apple technologies. The malware, which impersonates legitimate software, such as support agents and video software, first surfaced in September 2020. It is commonly distributed via drive-by downloads or pop-ups…
This Week in Security News – February 4, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the Samba vulnerability discovered by Trend Micro. Also, read about the White House’s warning of Russian hacks as tensions with Ukraine grow. The Samba Vulnerability: What is…
Codex Exposed: Helping Hackers in Training?
In June 2020, OpenAI released version 3 of its Generative Pre-trained Transformer (GPT-3), a natural language transformer that took the tech world by storm with its uncanny ability to generate text seemingly written by humans. But GPT-3 was also trained on computer code, and recently OpenAI released a specialized version of its engine, named Codex,…
Keeper Security Acquires Glyptodon
Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software covering password management, dark web monitoring, digital file storage and messaging, today announced the acquisition of Glyptodon, the creator of Glyptodon Enterprise, a remote access gateway which provides DevOps and IT teams with effortless access to RDP, SSH, VNC and Kubernetes endpoints through a…
Google Patches 27 Vulnerabilities With Release of Chrome 98
The most severe of these security defects could be exploited to execute arbitrary code with the same privileges as the Chrome browser has on the target system. Of the 19 flaws, eight carry a severity rating of high, 10 are considered medium severity, and one low risk. More than half of the externally reported vulnerabilities…
Digital Shadows Launches New Vulnerability Intelligence Module
Digital Shadows announces the launch of a new Vulnerability Intelligence module within SearchLight. The new capability enables security teams to rapidly identify which of the many thousands of Common Vulnerabilities and Exposures (CVEs) they should focus their limited resources on and how they can prevent criminals from exploiting them. The new module, within Digital Shadows…
