Category cyber-attacks

County Awards $600,000 Settlement to Penetration Testers Arrested for Courthouse Security Assessment

Security Professionals Settle Lawsuit Following Unauthorized Arrest During Courthouse Assessment Two security experts, arrested in 2019 while conducting a sanctioned security evaluation of a courthouse in Iowa, have agreed to a $600,000 settlement in a lawsuit alleging wrongful arrest and defamation. Gary DeMercurio and Justin Wynn, penetration testers affiliated with…

Read MoreCounty Awards $600,000 Settlement to Penetration Testers Arrested for Courthouse Security Assessment

Hackers Discover New Method to Bypass Microsoft Office 365 Safe Links

Recent findings from security researchers indicate that some hacking groups have discovered a method to circumvent a critical security feature within Microsoft Office 365, aimed at safeguarding users from phishing and malware threats. Known as Safe Links, this feature is bundled with Microsoft’s Advanced Threat Protection (ATP) and operates by…

Read MoreHackers Discover New Method to Bypass Microsoft Office 365 Safe Links

AI Toy Leaked 50,000 Chat Logs with Children Accessible to Anyone with a Gmail Account

Recent discussions among cybersecurity experts highlight serious concerns regarding data privacy in AI-enabled toys, with specific focus on Bondu, a company producing these products. Security researchers Margolis and Thacker have raised alarms over access to sensitive user data, questioning how many employees within these organizations can view such information, the…

Read MoreAI Toy Leaked 50,000 Chat Logs with Children Accessible to Anyone with a Gmail Account

Microsoft Addresses Two Actively Exploited Zero-Day Vulnerabilities

As businesses brace for vulnerabilities in their systems, Microsoft has announced the release of critical security patches during the May 2018 Patch Tuesday. This update addresses a staggering 67 security vulnerabilities, including two zero-day exploits under active attack by cybercriminals, a situation that demands immediate attention from organizations across various…

Read MoreMicrosoft Addresses Two Actively Exploited Zero-Day Vulnerabilities

Critical Vulnerability Found in Signal Messaging App for Windows and Linux

Recent analysis has uncovered a critical vulnerability within the Signal messaging application for Windows and Linux systems. This flaw poses a significant threat, as it could potentially enable remote attackers to execute arbitrary code on the target’s device merely through message transmission—eliminating the need for any user interaction to instigate…

Read MoreCritical Vulnerability Found in Signal Messaging App for Windows and Linux

ICE Leverages Palantir’s AI Tools for Tip Management

ICE Implements AI-Enhanced Tip Processing System with Palantir’s Technology The U.S. Immigration and Customs Enforcement (ICE) has begun utilizing generative artificial intelligence (AI) tools developed by Palantir to enhance its immigration enforcement operations. According to a recent inventory published by the Department of Homeland Security (DHS), this AI system is…

Read MoreICE Leverages Palantir’s AI Tools for Tip Management

Understanding How eFail Attacks Exploit PGP and S/MIME Encrypted Emails

Security researchers have urgently disclosed a set of vulnerabilities affecting email clients that utilize two prominent email encryption standards, PGP and S This disclosure follows the inadvertent leak of their forthcoming research paper, which was initially scheduled for release tomorrow. PGP and S/MIME serve as widely adopted end-to-end encryption protocols,…

Read MoreUnderstanding How eFail Attacks Exploit PGP and S/MIME Encrypted Emails