Computer Security Articles
RSS Reader for Computer Security Articles
Security
UK Secret Order Demands That Apple Give Access to Users’ Encrypted Data
Credit to Author: Lily Hay Newman| Date: Sat, 08 Feb 2025 11:30:00 +0000
Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more.
Read MoreACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law
Credit to Author: Dell Cameron| Date: Fri, 07 Feb 2025 21:43:33 +0000
The ACLU says it stands ready to sue for access to government records that detail DOGE’s access to sensitive personnel data.
Read More20 Million OpenAI accounts offered for sale
A cybercriminal calling themselves emirking is offering 20 million OpenAI accounts for sale on a Dark Web forum
Read MoreChinese-Speaking Group Manipulates SEO with BadIIS
Credit to Author: Ted Lee| Date: Fri, 07 Feb 2025 00:00:00 +0000
This blog post details our analysis of an SEO manipulation campaign targeting Asia. We also share recommendations that can help enterprises proactively secure their environment.
Read MoreI file Scalable Vector Graphics rappresentano una nuova minaccia di phishing
Credit to Author: Andrew Brandt| Date: Thu, 06 Feb 2025 09:59:16 +0000
Il formato dei file SVG può ospitare codice HTML, script e malware dannosi
Read MoreCode injection attacks using publicly disclosed ASP.NET machine keys
Credit to Author: Microsoft Threat Intelligence| Date: Thu, 06 Feb 2025 18:00:00 +0000
Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to launch ViewState code injection attacks and perform malicious actions on target servers.
The post Code injection attacks using publicly disclosed ASP.NET machine keys appeared first on Microsoft Security Blog.
Read MoreSophos acquisisce Secureworks
Credit to Author: Editor| Date: Mon, 03 Feb 2025 15:08:41 +0000
Trasformiamo il futuro, insieme
Read More