Mozilla Faces GDPR Complaint Over New Firefox Tracking Feature
NOYB, a European privacy group has filed a complaint with Austrian authorities, alleging that Mozilla breached GDPR by…
Darktrace AI Halts Thread Hijacking Attack Targeting Major Company
Darktrace AI detected and stopped a thread hijacking attack in real-time, preventing email account compromise and data theft.…
THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 23-29)
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could’ve opened the door to remote attacks. Google’s switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn’t all good news – Kaspersky’s […]
Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. “These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors to cause widespread damage, including physical damage, environmental hazards, and economic losses,” Bitsight researcher
A week in security (September 23 – September 29)
Last week on Malwarebytes Labs: Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number Privacy watchdog files complaint over Firefox quietly enabling its Privacy Preserving Attribution Telegram will hand over user details to law enforcement Don’t share the viral Instagram Meta AI “legal” post Romance scams costlier than ever: […]
Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number
In June of 2024 security researchers uncovered a set of vulnerabilities in the Kia dealer portal that allowed them to remotely take over any Kia vehicle built after 2013—and all they needed was a license plate number. According to the researchers: “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, […]
Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation
Authors: Boudewijn Meijer && Rick Veldhoven Introduction As defensive security products improve, attackers must refine their craft. Gone are the days of executing malicious binaries from disk, especially ones well known to antivirus and Endpoint Detection and Reponse (EDR) vendors. Now, attackers focus on in-memory payload execution for both native and managed applications to evade […]
Enhancing Cyber Resilience in Manufacturing Organizations
2024 Cyber Resilience Research Unveils Manufacturing Sector Challenges New data illuminates how manufacturing leaders can prioritize resilience. Manufacturing organizations find themselves at the intersection of progress and peril in the rapidly evolving digital landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to manufacturing providers. Get your complimentary copy of […]
Enhancing Cyber Resilience in Transportation Organizations
2024 Cyber Resilience Research Unveils Transportation Sector Challenges New data illuminates how transportation leaders can prioritize resilience. Transportation organizations find themselves at the intersection of progress and peril in the rapidly evolving digital landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to transportation providers. Get your complimentary copy of […]
Cyber insurance industry unites to bear down on ransom payments – post by LinkCyb
Joint guidance from the NCSC with the Association of British Insurers (ABI), British Insurance Brokers’ Association (BIBA) and International Underwriting Association (IUA) aims to help organisations faced with ransomware demands minimise disruption and the cost of an incident.