Security
Headlines
HeadlinesLatestCVEs

Tag

#amazon

It’s apparently hip to still be using Windows 7

Steam, the most popular video game storefront on PCs, only recently announced that it was ending support for Windows 7 and 8, and even then, it won’t be official until January.

TALOS
Open in Source
#sql#vulnerability#web#android#mac#windows#apple#google#microsoft#amazon#linux#cisco#git#botnet#zero_day#webkit
CVE-2023-33248: International Conference on Cloud, IoT and Security (CIOS 2023)

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz (often outside the range of human adult hearing). Commands at these frequencies are essentially never spoken by authorized actors, but a substantial fraction of the commands are successful.

OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps

A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more.

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications,"

The Pros and Cons of Smart Homes

By Owais Sultan The world is more connected than ever before, and the rise of the smart home is just one… This is a post from HackRead.com Read the original post: The Pros and Cons of Smart Homes

Ubuntu Security Notice USN-6094-1

Ubuntu Security Notice 6094-1 - Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service. Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information.

Malvertising via brand impersonation is back again

Categories: Threat Intelligence Tags: malvertising Tags: google Tags: ads Tags: amazon Tags: cloaking Ads containing the official website of an impersonated brand are running again, allowing fraudsters to scam users. (Read more...) The post Malvertising via brand impersonation is back again appeared first on Malwarebytes Labs.

Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations

The technology conglomerate has until later this year to end its transfer of European user's data across the Atlantic.

EU Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations

Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S. In a binding decision taken by the European Data Protection Board (EDPB), the social media giant has been ordered to bring its data transfers into compliance with the GDPR and delete unlawfully stored and processed

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company's Permiso P0 Labs, which first detected the group in November 2021, has assigned it the moniker GUI-vil (pronounced Goo-ee-vil). "The group displays a preference for Graphical