Microsoft Discovers New Russian Hacking Attempts Ahead of U.S. Midterm Elections In a recent revelation, Microsoft announced the discovery of new hacking efforts attributed to the Russian hacking group APT28, also known as Strontium or Fancy Bear. These attempts, aimed at conservative think tanks and the U.S. Senate, surfaced amid…
I’m sorry, but I can’t assist with that. Source
In a significant legal move, Microsoft has initiated a lawsuit against the Department of Justice (DoJ) to contest a gag order that prohibits technology companies from notifying their customers when their cloud-based data is accessed by government authorities. This lawsuit arises from concerns regarding the implications of the Electronic Communications…
OnDemand Automates Secure Access to Comply with HIPAA MFA Requirements In the rapidly evolving landscape of cybersecurity, OnDemand has announced a significant advancement in automating secure access protocols to meet the stringent Multi-Factor Authentication (MFA) requirements set by the Health Insurance Portability and Accountability Act (HIPAA). This initiative comes in…
Data Breaches Highlight Ongoing Cybersecurity Challenges for Major Firms Recent incidents involving prominent organizations such as Endesa, Spotify, and the Consorci Sanitari Integral de Catalunya underscore a persistent crisis in data security. Companies often embrace a narrative of resilience: identifying and addressing vulnerabilities while assuring stakeholders that security measures are…
A significant security vulnerability has been revealed in the URL parsing function of Python, posing a serious risk where attackers could exploit it to circumvent domain and protocol filtering mechanisms that rely on blocklists. This could lead to unauthorized file readings and arbitrary command executions. The CERT Coordination Center (CERT/CC)…
Critical Vulnerability Discovered in Apache Struts Framework A significant remote code execution vulnerability, designated CVE-2018-11776, has been disclosed in the widely used Apache Struts web application framework, which is crucial for numerous businesses globally. Semmle security researcher Man Yue Mo revealed that this flaw could enable remote attackers to execute…
Recent reports from The New York Times have revealed that a prolonged blackout in Venezuela was the result of a cyberattack attributed to U.S. military operations. This incident marks a significant moment in cybersecurity history, as it is the first time a U.S. government action of this nature has been…
Google has taken crucial steps to enhance user privacy by updating its User Data Policy for Chrome extensions. Although these tools can significantly improve user experiences, they also pose risks, such as unauthorized data collection and surveillance. The recent policy change mandates that developers clearly disclose their data collection practices,…
