HackDig : Dig high-quality web security articles

Defensive Driving: The Need for EV Cybersecurity Roadmaps

As the U.S. looks to bolster electric vehicle (EV) adoption, a new challenge is on the horizon: cybersecurity. Given the interconnected nature of these vehicles and their reliance on local power grids, they’re not just an alternative option for getting from Point A to Point B. They also offer a new path for network compromise that could put drivers, c
Publish At:2023-01-26 11:38 | Read:38935 | Comments:0 | Tags:Data Protection Risk Management Cybersecurity Data Security

EU's Breton Warns TikTok CEO: Comply With New Digital Rules

The European Union’s digital policy chief warned TikTok’s boss Thursday that the social media app will have to fall in line with tough new rules for online platforms set to take effect later this year.EU Commissioner Thierry Breton held a video call with Shou Zi Chew, the CEO of TikTok, the popular Chinese-owned video sharing app that’s coming under increasi
Publish At:2023-01-20 10:32 | Read:83618 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Priva

Chainguard Trains Spotlight on SBOM Quality Problem

Software engineers tracking the quality of software bill of materials have stumbled on a startling discovery: Barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.According to new data from software supply chain security startup Chainguard, SBOMs being generated by existing tools fail to meet the minimum da
Publish At:2023-01-19 18:28 | Read:79085 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Email Security Fraud &

Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List

The US government’s cybersecurity agency CISA is giving federal agencies an early February deadline to patch a critical -- and already exploited -- security vulnerability in the widely used CentOS Control Web Panel utility.The agency added the CVE-2022-44877 flaw to its KEV (Known Exploited Vulnerabilities) catalog and set a February 7th deadline for federal
Publish At:2023-01-18 14:30 | Read:91896 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Vendors Actively Bypass Security Patch for Year-Old Magento Vulnerability

Vendors and agencies are actively bypassing the security patch that Adobe released in February 2022 to address CVE-2022-24086, a critical mail template vulnerability in Adobe Commerce and Magento stores, ecommerce security firm Sansec warns.The CVE-2022-24086 bug (CVSS score of 9.8) is described as an improper input validation bug in the checkout process. It
Publish At:2023-01-18 14:30 | Read:81172 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

18k Nissan Customers Affected by Data Breach at Third-Party Software Developer

Nissan North America is informing roughly 18,000 customers that their personal information was exposed in a data breach at a third-party services provider.The breach occurred after data provided by Nissan to the services provider was inadvertently exposed on the internet, the company notes in a notification letter sent to the impacted customers.“The impacted
Publish At:2023-01-18 10:32 | Read:65874 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection

Why Quantum Computing Capabilities Are Creating Security Vulnerabilities Today

Quantum computing capabilities are already impacting your organization. While data encryption and operational disruption have long troubled Chief Information Security Officers (CISOs), the threat posed by emerging quantum computing capabilities is far more profound and immediate. Indeed, quantum computing poses an existential risk to the classical encryptio
Publish At:2023-01-17 15:36 | Read:110367 | Comments:0 | Tags:CISO Data Protection decryption tools Encryption Quantum Com

Bill Would Force Period Tracking Apps to Follow Privacy Laws

When the Supreme Court last June stripped away constitutional protections for abortion, concerns grew over the use of period tracking apps because they aren’t protected by federal privacy laws.Privacy experts have said they fear pregnancies could be surveilled and the data shared with police or sold to vigilantes.Some Washington state lawmakers want to chang
Publish At:2023-01-17 10:32 | Read:70953 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Priva

Researchers: Brace for Zoho ManageEngine 'Spray and Pray' Attacks

Security researchers tracking a known pre-authentication remote code execution vulnerability in Zoho’s ManageEngine products are warning organizations to brace for “spray and pray” attacks across the internet.The vulnerability, patched by Zoho last November, affects multiple Zoho ManageEngine products and can be reached over the internet to launch code execu
Publish At:2023-01-16 18:28 | Read:124214 | Comments:0 | Tags:Disaster Recovery Endpoint Security Network Security NEWS &a

Tesla Returns as Pwn2Own Hacker Takeover Target

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to complete vehicle compromise.Tesla, in tandem with Pwn2Own organizations Zero Day Initiative, is offering a $600,000 cash prize to any hacker capable of writing exploits that pivot through multiple systems
Publish At:2023-01-12 18:28 | Read:161265 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Threema Under Fire After Downplaying Security Research

The developers of the open source secure messaging app Threema have come under fire over their public response to a security analysis conducted by researchers at the Swiss university ETH Zurich.The Swiss company that makes Threema claims to have more than 10 million users and over 7,000 on-premises customers. Customers reportedly include the Swiss government
Publish At:2023-01-12 10:32 | Read:76588 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities Data Protection security

Investors Bet Big on Subscription-Based Security Skills Training

Hack The Box, a British startup working on technology to simplify cybersecurity skills training, has banked a $55 million funding round as venture capital investors place big bets on the subscription-based talent assessment space.Hack the Box said the $55 million Series B was led by global investment firm Carlyle. Paladin Capital Group, Osage University Part
Publish At:2023-01-11 14:30 | Read:71584 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

EU Tells TikTok Chief To Respect Data Privacy Laws

The European Union warned online giant TikTok on Tuesday to respect EU law and ensure the safety of European users' data, as the video-sharing app's CEO met with top officials in Brussels.TikTok, whose parent company ByteDance is Chinese, has come under fierce Western scrutiny in recent months over concerns about how much access Beijing has to user data.TiKT
Publish At:2023-01-11 06:34 | Read:79585 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Priva

Intel Adds TDX to Confidential Computing Portfolio With Launch of 4th Gen Xeon Processors

Intel announced on Tuesday that it has added Intel Trust Domain Extensions (TDX) to its confidential computing portfolio with the launch of its new 4th Gen Xeon enterprise processors.The chip giant has launched the 4th Gen Xeon scalable CPUs, codenamed Sapphire Rapids, alongside the Intel Xeon CPU Max series, codenamed Sapphire Rapids HBM, and the Data Cente
Publish At:2023-01-10 18:28 | Read:96727 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Cloud Security Data Pr

Microsoft Patch Tuesday: 97 Windows Vulns, 1 Exploited Zero-Day

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s already been exploited to escape the browser sandbox.The zero-day, flagged by researchers at anti-malware company Avast, was exploited in live attacks to elevate privileges and escape a
Publish At:2023-01-10 18:28 | Read:149705 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Priva

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud