On Monday, researchers reported that hackers are exploiting Google’s Analytics service to steal credit card information from compromised e-commerce sites. Kaspersky, Sansec, and PerimeterX all published reports claiming that attackers are injecting data-stealing code onto the infected sites along with a Google Analytics tracking code for their own account. This
In February, Apple received notification of an issue in the clipboard function. Any data copied to the clipboard on an iOS device was vulnerable to visibility by any active app. The vulnerability is hidden, meaning that there is no way for a user to know when an app may be
The DotGov program announced on Sunday that all government domains will automatically preload from TLDs to HSTS beginning September 1, 2020. The HSTS standard is more secure, as it always enforces an HTTP connection to a website. HSTS also serves to prevent users from clicking a domain with a certification
Adobe is beginning to warn Flash Player users about the application’s end of life date (EOL), which is December 31, 2020. Adobe stated that it will begin to prompt users to uninstall the software over the next several months as the EOL approaches. After this date, Adobe will not sure
On Thursday, Google removed over 100 Chrome browser extensions that it found to be malicious, after reports that they were being used to siphon sensitive user data. Google also published the research behind the apps, in which Awake Security alleges millions of Chrome users have been targeted by threat actors.
This video provides succinct context on technology companies fielding solutions to help address key concerns in the area of AI security and AI ethics. We produced this presentation for OODA members based on our own continuous market research that includes tracking VC investment and engaging with the community via AI related events but also our own AI centric due diligence engagements and cybersecurity assessments.
According to security researchers, InvisiMole is back and has begun targeting Eastern European organizations in the military sector with a sophisticated and updated toolset and APT partnership. InvisiMole was redetected due to a new campaign and strategic collaboration with well known APT group Gamaredon. The group was first discovered by
IT services giant Cognizant has confirmed that unencrypted data was accessed and stolen during an April Maze Ransomware attack that made headlines. Cognizant is one of the largest global IT services companies, with close to 300,000 employees and over $15 billion in revenue. Cognizant performs functions such as remotely managing
79 Netgear router models have a severe security flaw that allows threat actors to take over devices remotely. The vulnerability impacts 758 different firmware versions used in 79 Netgear routers to data. The flaw is present on some firmware versions deployed on devices that date as early as 2007. The
Democrat Senator Ron Wyden expressed his concern over the CIA’s lack of proper security practices after reading a 2017 report describing the agency’s cybersecurity as “woefully lax.” The internal report was written by the WikiLeaks Task Force after the Vault 7 disclosures occurred, which was the largest data loss at