Independent – Page 35 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Tue, 18 Jul 2023 14:57:04 +0000

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a service that sold access to billions of passwords and other data exposed in countless data breaches. KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom, was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. Bloom resigned from AshleyMadison citing health reasons in June 2015 — less than one month before unidentified hackers stole data on 37 million users — and launched LeakedSource three months later.

ComputerWorld Independent

July 14, 2023 admin

Four zero-days make July 's Patch Tuesday a 'patch now' update

With this month’s Patch Tuesday update, Microsoft addressed 130 security vulnerabilities, published two advisories, and included four major CVE revisions. We also have four zero-days to manage for Windows (CVE-2023-32046, CVE-2023-32049, CVE-2023-36874 and CVE-2023-36884), bringing the Windows platform into a “patch now” schedule.

To read this article in full, please click here

Independent Krebs

July 13, 2023 admin

SEO Expert Hired and Fired By Ashley Madison Turned on Company, Promising Revenge

Credit to Author: BrianKrebs| Date: Thu, 13 Jul 2023 21:45:02 +0000

[This is Part II of a story published here last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack.] It was around 9 p.m. on Sunday, July 19, when I received a message through the contact form on KrebsOnSecurity.com that the marital infidelity website AshleyMadison.com had been hacked. The message contained links to confidential Ashley Madison documents, and included a manifesto that said a hacker group calling itself the Impact Team was prepared to leak data on all 37 million users unless Ashley Madison and a sister property voluntarily closed down within 30 days.

ComputerWorld Independent

July 13, 2023 admin

Google Bard launches in EU, overcoming data privacy concerns in the region

Google has announced it is making its Bard chatbot available in the EU and Brazil, five months after the company opened it up for early access. To date, residents in EU countries have been unable to access the company’s ChatGPT rival due to issues surrounding data privacy concerns.

In addition to making Bard more widely available, Google has also introduced a host of new features including text-to-speech capabilities, shareable Bard conversation links, Google Lens compatibility, and the ability to customize Bard responses — for example, adjusting for tone and style.

To read this article in full, please click here

ComputerWorld Independent

July 12, 2023 admin

EU-US Data Privacy Framework to face serious legal challenges, experts say

Nine months after US President Joe Biden signed an executive order that updated rules for the transfer of data between the US and the EU, the European Commission this week ratified the EU-US Data Privacy Framework. Industry experts, however, say it will be challenged at the European Court of Justice (CJEU), and stands a good chance of being struck down.

The move comes two years after the CJEU shut down the previous EU-US data sharing agreement, known as Privacy Shield, on grounds that the US doesn’t provide adequate protection for personal data, particularly in relation to state surveillance. In 2015, a previous attempt to forge a data sharing pact, dubbed Safe Harbor, was also struck down by the CJEU.

To read this article in full, please click here

Independent Krebs

July 11, 2023 admin

Apple & Microsoft Patch Tuesday, July 2023 Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Jul 2023 22:55:07 +0000

Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then quickly pulled) an emergency update to fix a zero-day vulnerability that is being exploited on MacOS and iOS devices.

ComputerWorld Independent

July 11, 2023 admin

Apple's disappearing Rapid Security Response update (u)

Apple on Monday distributed its latest Rapid Security Response update to iPhones, iPads, and Macs, rolling out an important security patch to protect devices against a recently identified attack Apple says is already in active use.

“Apple is aware of a report that this issue may have been actively exploited,” the company said in its security note.

That’s bad, as it means someone somewhere has already been attacked using this vulnerability. The patch repairs a flaw found in WebKit in which processing web content could lead to arbitrary code execution.

To read this article in full, please click here

ComputerWorld Independent

July 11, 2023 admin

Apple's disappearing Rapid Security Response update

“Apple is aware of a report that this issue may have been actively exploited,” the company said in its security note.

To read this article in full, please click here