somcert2022

  • Home
  • Author: somcert2022
  • Page 2

Why ‘Never Expire’ Passwords Can Be a Risky Decision

Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with resetting passwords via service desk tickets and support calls […]
Read More

Google Now Syncing Passkeys Across Desktop, Android Devices

Google on Thursday announced that users who rely on passkeys to sign into applications and websites can now save the passkeys on more than just their Android devices. The internet giant introduced passkey support in Android and Chrome in 2022, enabling users to log in with biometric authentication instead of passwords, which may be compromised through leaks […]
Read More

Apple Suddenly Drops NSO Group Spyware Lawsuit

Apple has abruptly withdrawn its lawsuit against NSO Group, citing increased risk that the legal battle might unintentionally reveal sensitive vulnerability data and difficulties in acquiring essential information from the spyware vendor. In a court filing Friday, Apple said continuing the lawsuit now poses “too significant a risk” of exposing the anti-exploitation and threat intelligence […]
Read More

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes

Microsoft raised an alarm for in-the-wild exploitation of a critical flaw in Windows Update, warning that attackers are rolling back security fixes on certain versions of its flagship operating system. The Windows flaw, tagged as CVE-2024-43491 and marked as actively exploited, is rated critical and carries a CVSS severity score of 9.8/10. Microsoft did not provide any information […]
Read More

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for obtaining initial access,” Kaspersky said in a Monday analysis of the group’s tactics and tools. “For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which allows the […]
Read More

How to Augment Your Password Security with EASM

Simply relying on traditional password security measures is no longer sufficient. When it comes to protecting your organization from credential-based attacks, it is essential to lock down the basics first. Securing your Active Directory should be a priority – it is like making sure a house has a locked front door before investing in a […]
Read More

FBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany

The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Radar/Dispossessor. The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Dispossessor is said to be led by […]
Read More

Windows Update Flaws Allow Undetectable Downgrade Attacks

LAS VEGAS —  SafeBreach Labs researcher Alon Leviev is calling urgent attention to major gaps in Microsoft’s Windows Update architecture, warning that malicious hackers can launch software downgrade attacks that make the term “fully patched” meaningless on any Windows machine in the world.  During a closely watched presentation at the Black Hat conference today in […]
Read More

No products in the cart.

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks