Researchers from Tencent Labs and Zhejiang University have unveiled BrutePrint, a new attack that exploits fingerprint vulnerabilities in modern smartphones to bypass user authentication and gain control of the devices. The attack relies on brute-forcing fingerprints through an unlimited number of attempts until a match is found. By exploiting two zero-day vulnerabilities, Cancel-After-Match-Fail (CAMF) and […]
Prominent technology provider, ScanSource, has confirmed a ransomware attack that disrupted its systems, operations, and customer portals. The US-based company offers cloud services, SaaS connectivity, and specialized solutions like point of sale (PoS) and security. Reports from customers unable to access ScanSource’s portals raised concerns of a cyberattack, later confirmed by the company. Following the […]
Attack surface management (ASM) is often overlooked in securing cloud computing environments, despite its critical importance. Many cloud security training programs and certifications tend to focus on specific tools and trends, neglecting the comprehensive approach that ASM offers. However, with attackers becoming more sophisticated and leveraging advanced AI technology, it is crucial for enterprises to […]
Cloud security remains a top concern for about 40% of professionals, as revealed by a survey by cybersecurity vendor Delinea at the 2023 RAS Conference. Cloud environments are attractive targets due to their vast data storage, making cloud providers susceptible to cyberattacks. Mitigating these risks requires a holistic approach, recognizing that no single control can […]
TSA tests facial recognition to streamline airport security, allowing passengers to proceed through checkpoints by inserting an ID card and looking into a camera. The pilot project is currently implemented in 16 airports, offering voluntary participation. Critics raise concerns about biases in facial recognition algorithms and privacy implications. TSA emphasizes the pilot’s accuracy, privacy measures, […]
The US has charged former Apple engineer Weibao Wang with trade secret theft and attempting to flee to China. Wang is accused of stealing Apple’s autonomous systems technology, including their self-driving car project, Project Titan. He had worked at Apple since 2016 but delayed informing the company about his resignation after accepting a job offer […]
OpenAI’s ChatGPT app has achieved remarkable success in a short period of time, surpassing over 500,000 downloads within just six days of its launch. This outstanding performance was revealed through an analysis conducted by data.ai, an app intelligence provider. During its initial U.S.-only launch phase, the ChatGPT app garnered 480,000 installs in the first five […]
It is commonly assumed that high-tech companies have an inherent advantage in security due to their younger, tech-savvy workforce and lack of legacy systems. However, recent breaches of SaaS applications used by high-tech companies, such as Slack and MailChimp, have highlighted the need for strong SaaS security configurations and threat detection measures. High-tech companies often […]
Last week, Dish informed the Maine Attorney General regarding a recent data breach and shared a copy of the notification letter sent to affected individuals. Dish disclosed to authorities that over 296,000 people were impacted by the incident. According to the notification letter, there is no evidence that customer databases were accessed by hackers. However, […]
Reworded: MSI suffered a significant security breach two months ago that resulted in the loss of sensitive data, including firmware source code for MSI motherboards. As a result of this breach, other companies, including Intel, have also been impacted. In particular, Intel has discovered a leak of its Boot Guard keys, which may render the […]