Independent – Page 46 – Computer Security Articles

No matter what US President Joseph R. Biden Jr. said, NSO Group is still around; the privatized spying service produced zero-click exploits against iOS 15 and iOS 16 last year, according to the latest report from Citizen Lab.

It also suggests Lockdown Mode is effective against such attacks.

A trio of exploits used in complex form

The report reflects what Citizen Lab learned from investigating attacks against Mexican human rights defenders. The researchers conclude that NSO Group, called “mercenary hackers” by Apple, has made wide use of at least three zero-click exploits in Apple’s iPhone operating systems against civil society targets worldwide. NSO Group is the infamous firm that created the Pegasus tool used to spy on people.

To read this article in full, please click here

ComputerWorld Independent

April 17, 2023 admin

Google urges users to update Chrome to address zero-day vulnerability

Credit to Author: avenkat@idg.com| Date: Mon, 17 Apr 2023 08:43:00 -0700

Google has released Chrome version 112.0.5615.121 to address a vulnerability that can allow malicious code execution on Windows, Mac, and Linux systems.

Independent Krebs

April 14, 2023 admin

Why is ‘Juice Jacking’ Suddenly Back in the News?

Credit to Author: BrianKrebs| Date: Fri, 14 Apr 2023 20:27:56 +0000

KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about “juice jacking,” a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry about juice jacking.

ComputerWorld Independent

April 14, 2023 admin

Patch now to address a Windows zero-day

Microsoft has addressed 97 existing vulnerabilities this April Patch Tuesday, with a further eight previously released patches updated and re-released. There have been reports of a vulnerability (CVE-2023-28252) exploited in the wild, making it a “Patch Now” release.

This update cycle affects Windows desktops, Microsoft Office, and Adobe Reader. No updates for Microsoft Exchange this month. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this April update cycle.

To read this article in full, please click here

ComputerWorld Independent

April 14, 2023 admin

EU privacy regulators to create task force to investigate ChatGPT

The European Data Protection Board (EDPB) plans to launch a dedicated task force to investigate ChatGPT after a number of European privacy watchdogs raised concerns about whether the technology is compliant with the EU’s General Data Protection Regulation (GDPR).

Europe’s national privacy regulators said on Thursday that the decision came following discussions about recent enforcement action undertaken by the Italian data protection authority against OpenAI regarding its ChatGPT service.

To read this article in full, please click here

ComputerWorld Independent

April 14, 2023 admin

EU privacy regulators to create taskforce to investigate ChatGPT

To read this article in full, please click here

ComputerWorld Independent

April 14, 2023 admin

Stolen ChatGPT premium accounts up for sale on the dark web

Credit to Author: avenkat@idg.com| Date: Fri, 14 Apr 2023 06:02:00 -0700

There has been an increase in discussions and trades related to ChatGPT on the dark web since March, according to Check Point.

ComputerWorld Independent

April 13, 2023 admin

Cisco to offer Webex air-gapped cloud system for security, defense work

Building on its WebEx product line, Cisco plans to deliver an air-gapped, cloud-based collaboration system for companies involved in US national security and defense work, extending the secure offerings the company already provides to industries that require collaboration tools with strong security measures to meet US government requirements.

Beginning in 2024, the new Webex system — Air-Gapped Trusted Cloud — will provide an added layer of security for teams collaborating through the Webex App, Cisco said.

An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. For example, an air-gapped computer is unable to connect to the internet or any other communications networks so as to have complete security with the information that resides within it.

To read this article in full, please click here