Boston-based privacy and security startup Cloaked, launched its apps today to let users create unique proxy emails, phone numbers, and passwords for online accounts. The company, which was in private beta for the last two years, is now making its solution available for everyone through its web app, Chrome extension, along with mobile apps (available
Philip Choo
The US Federal Bureau of Investigation (FBI) has issued a Private Industry Notification highlighting two concerning trends in the world of ransomware attacks. As of July 2023, the FBI observed a rising occurrence of dual ransomware attacks on the same victim within close date proximity and a shift towards new data destruction tactics in ransomware
Introduction In today’s interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive target for
In a victory for Tesla, a California federal judge ruled over the weekend that a group of Tesla owners cannot pursue in court claims that the company falsely advertised its automated features. Instead, they will have to face individual arbitration. U.S. District Judge Haywood Gilliam’s ruling isn’t a win for the defensibility of Tesla’s advanced
The Station is a weekly newsletter dedicated to all things transportation. Sign up here — just click The Station — to receive the newsletter every weekend in your inbox. Subscribe for free. Welcome back to The Station, your central hub for all past, present and future means of moving people and packages from Point A to Point B.
Recent weeks have witnessed a significant increase in cyber-attacks targeting the US Postal Service (USPS), mainly through phishing and smishing campaigns. The surge in these attacks has prompted DomainTools researchers to delve into their origins and implications, with findings described in an advisory published on Thursday. One smishing message raised suspicions due to its peculiar
Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. “The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file
If you’re an early-stage founder, the crazy days of 2021 are a distant memory. Money is tight, and the process of getting more is as unsettled as ever. The past few tumultuous years have tossed out the milestones that defined previous Series A benchmarks. But that doesn’t mean the game is lost. At this year’s
As tech companies begin to monetize generative AI, the creators on whose work it is trained are asking for their fair share. But so far no one can agree on whether or how much artists should be paid. A recent open letter from the Authors Guild signed by more than 8,500 writers, including Margaret Atwood,
Microsoft’s Bing Chat has come under scrutiny due to a significant security concern – the infiltration of malicious ads. Malwarebytes researchers have now demonstrated how unsuspecting users seeking software downloads can be tricked into visiting malicious websites and unwittingly downloading malware. Bing Chat, an artificial intelligence (AI) interactive text and image application powered by OpenAI’s
The role of the chief information security officer has evolved significantly in recent years. As cybersecurity becomes even more of a critical concern for businesses, CISOs now find themselves in increasingly pivotal positions within their organizations. The intensity of the CISO position means it typically has a shelf life, however, with security leaders often leaving
Sep 30, 2023THNRansomware / Cyber Threat The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. “During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit,
Video During the attack, the group deployed several tools, most notably a newly-discovered sophisticated backdoor that ESET named LightlessCan 29 Sep 2023 This week, ESET researchers unveiled their findings about an attack by the North Korea-linked APT group Lazarus that took aim at an aerospace company in Spain. The group obtained initial access to the
It’s that time of the week again, folks — time for Week in Review (WiR), TechCrunch’s newsletter that recaps the past few days in tech. The news cycle never sleeps, and it’s exhausting — this reporter knows all too well. But fortunately, neither does WiR. Our curated list of the top stories this week will
Streamers are leaving Kick en masse in protest of the platform’s lack of safety guidelines, after a prominent creator streamed an encounter with a sex worker without informing her that there were other people present. She was briefly prevented from leaving after she expressed discomfort, while Kick’s CEO posted laughing emotes in the stream chat.
The Russian firm Operation Zero has announced a staggering $20m reward for hacking tools capable of compromising iPhones and Android devices. The company unveiled this increased payout on X (formerly Twitter) on Tuesday, aiming to attract top-tier researchers and developer teams to collaborate with their platform. Under this program, Operation Zero is willing to pay
Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an “evolved version” of another loader malware known as DoubleFinger. “The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.,” Kaspersky said in
Volkswagen’s $2.1 billion plan to launch a dedicated electric-vehicle factory in Wolfsburg, Germany is kaput. The automaker instead reportedly plans to modify its existing plants in Zwickau and Wolfsburg to handle production of a new flagship EV — the postponed Project Trinity — and an all-electric Golf hatchback. This tracks with an earlier statement from
SpaceX won its first contract for Starshield, the defense-focused version of its Starlink satellite internet service, from the U.S. Space Force. The one-year contract has a maximum value of $70 million, a U.S. Air Force representative told Bloomberg. The contract “provides for Starshield end-to-end service via the Starlink constellation, user terminals, ancillary equipment, network management
The Budworm advanced persistent threat (APT) group, also known as LuckyMouse, Emissary Panda or APT27, has once again demonstrated its active development of cyber-espionage tools. In August 2023, security researchers from Symantec’s Threat Hunter Team, a part of Broadcom, uncovered Budworm’s use of an updated version of its key tool to target a Middle Eastern telecommunications
Sep 28, 2023THNSupply Chain / Malware A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. “The malicious code exfiltrates the GitHub project’s defined secrets to a malicious C2 server and modify any existing javascript files in the attacked
In a live chat earlier this month, Elon Musk said X would charge users “a small monthly payment” to use its service — a necessity, he explained, in order to combat the “vast armies of bots” on the platform. But in an interview this week at the Code Conference, X CEO Linda Yaccarino seemed to
Secure Coding While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles Christian Ali Bravo 27 Sep 2023 • , 4 min. read Coding is a pivotal skill in many
Adobe officially launched Photoshop for the web on Wednesday for all users with paid plans. The web version, which was in beta for almost two years, is now available with Firefly-powered AI tools such as generative fill and generative expand. The company said that the tools in the toolbar on the web is based group
Two new security flaws in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified, leading to potential privilege escalation issues. With over 50,000 active installations, the plugin developed by smp7 and wp.insider is widely used for custom membership management on WordPress sites. The flaws identified by Patchstack security researchers include
What is Protected Extensible Authentication Protocol (PEAP)? Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks. PEAP extends the Extensible Authentication Protocol (EAP) by encapsulating the EAP connection within a Transport Layer Security (TLS) tunnel. PEAP was designed to provide authentication for 802.11 wireless local area networks (WLANs) to
Sep 27, 2023THNMalware / Cyber Attack A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a “high technical level and cautious attack attitude,” adding that “the phishing attack activity captured this
The U.S. Federal Aviation Administration has closed the investigation into a mishap that occurred last September during a launch of Blue Origin’s New Shepard vehicle, with the regulator saying that Blue must implement 21 corrective actions before it can fly New Shepard again. New Shepard was grounded after a September 2022 launch ended with an
Secure Coding, Business Security Or, is mass public meddling just opening the door for problems? And how does open-source software compare to proprietary software in terms of security? 26 Sep 2023 • , 5 min. read There are – and will always be – vulnerabilities in software. Just like there is no perfect security, there
The payment landscape in Africa is still fragmented, with several payment operators providing different payment options to customers as well as businesses. Due to this fragmentation, payment failures are inevitable due to factors such as invalid cards, inactive accounts and high dispute rates. One of the few startups working on payment orchestration to address this
- 1
- 2
- 3
- …
- 332
- Next Page »