Australian Parliament Passes Privacy Penalty Bill
The higher penalties and extended powers will become effective after the bill receives royal assent
Cyber News, Cyber Threat TrendsWho’s swimming in South Korean waters? Meet ScarCruft’s Dolphin
ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group The post Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin appeared first on WeLiveSecurity
Cyber News, Cyber Threat TrendsZero-Day Flaw Discovered in Quarkus Java Framework
The flaw has a CVSS v3 base score rating of 9.8 and can be found in the Dev UI Config Editor
Cyber News, Cyber Threat TrendsChina-Based Hackers Target Southeast Asia With USB-Based Malware
UNC4191 operations have affected several entities in Southeast Asia but also in the US, Europe and Asia Pacific Japan
Cyber News, Cyber Threat Trends
- November 30, 2022
AWS launches new cybersecurity service Amazon Security Lake
Amazon Web Services (AWS) has launched a new cybersecurity service, Amazon Security Lake, which automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account, the company said in a statement. “Customers must be able to quickly detect and respond to security risks so they can take […]
Cyber News, Cyber Threat Trends
- November 30, 2022
Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection
New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an “unexpected behavior” in the npm command line interface (CLI) tool. npm CLI’s install and audit commands have built-in capabilities to check a package and all of its dependencies for known vulnerabilities, effectively acting as a warning mechanism for
Cyber News, Cyber Threat Trends
- November 30, 2022
French Electricity Provider Fined for Storing Users’ Passwords with Weak MD5 Algorithm
The French data protection watchdog on Tuesday fined electricity provider Électricité de France €600,000 for violating the European Union General Data Protection Regulation (GDPR) requirements. The Commission nationale de l’informatique et des libertés (CNIL) said the electric utility breached European regulation by storing the passwords for over 25,800 accounts by hashing them using the MD5
Cyber News, Cyber Threat TrendsFacebook Fined $276M under GDPR
Facebook—Meta—was just fined $276 million (USD) for a data leak that included full names, birth dates, phone numbers, and location. Meta’s total fine by the Data Protection Commission is over $700 million. Total GDPR fines are over €2 billion (EUR) since 2018.
Cyber News, Cyber Threat Trends
- November 30, 2022
This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
A malicious Android SMS application found on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide range of platforms like Facebook, Google, and WhatsApp. The app, named Symoo (com.vanjan.sms), had over 100,000 downloads and functioned as a relay for transmitting messages to a server, which […]
Cyber News, Cyber Threat Trends