Independent – Page 45 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Fri, 14 Apr 2023 20:27:56 +0000

KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about “juice jacking,” a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry about juice jacking.

ComputerWorld Independent

April 14, 2023 admin

Patch now to address a Windows zero-day

Microsoft has addressed 97 existing vulnerabilities this April Patch Tuesday, with a further eight previously released patches updated and re-released. There have been reports of a vulnerability (CVE-2023-28252) exploited in the wild, making it a “Patch Now” release.

This update cycle affects Windows desktops, Microsoft Office, and Adobe Reader. No updates for Microsoft Exchange this month. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this April update cycle.

To read this article in full, please click here

ComputerWorld Independent

April 14, 2023 admin

EU privacy regulators to create task force to investigate ChatGPT

The European Data Protection Board (EDPB) plans to launch a dedicated task force to investigate ChatGPT after a number of European privacy watchdogs raised concerns about whether the technology is compliant with the EU’s General Data Protection Regulation (GDPR).

Europe’s national privacy regulators said on Thursday that the decision came following discussions about recent enforcement action undertaken by the Italian data protection authority against OpenAI regarding its ChatGPT service.

To read this article in full, please click here

ComputerWorld Independent

April 14, 2023 admin

EU privacy regulators to create taskforce to investigate ChatGPT

To read this article in full, please click here

ComputerWorld Independent

April 14, 2023 admin

Stolen ChatGPT premium accounts up for sale on the dark web

Credit to Author: avenkat@idg.com| Date: Fri, 14 Apr 2023 06:02:00 -0700

There has been an increase in discussions and trades related to ChatGPT on the dark web since March, according to Check Point.

ComputerWorld Independent

April 13, 2023 admin

Cisco to offer Webex air-gapped cloud system for security, defense work

Building on its WebEx product line, Cisco plans to deliver an air-gapped, cloud-based collaboration system for companies involved in US national security and defense work, extending the secure offerings the company already provides to industries that require collaboration tools with strong security measures to meet US government requirements.

Beginning in 2024, the new Webex system — Air-Gapped Trusted Cloud — will provide an added layer of security for teams collaborating through the Webex App, Cisco said.

An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. For example, an air-gapped computer is unable to connect to the internet or any other communications networks so as to have complete security with the information that resides within it.

To read this article in full, please click here

ComputerWorld Independent

April 12, 2023 admin

Yet more digital spies targeting iPhones exposed by security researchers

Just weeks after President Biden signed an executive order designed to prevent the US government from purchasing commercial spyware used to subvert democracies, researchers have identified yet another shameful zero-click, zero-day exploit that targeted iPhone users. This spy-for-hire ‘solution’ was sold by an Israeli firm called QuaDream.

Making everyone less safe

QuaDream’s attacks have been exposed by security researchers at Microsoft and Citizen Lab. QuaDream is a more secretive entity than NSO Group but shares much of the same pedigree, including being founded by ex-NSO Group employees and having connections to Israeli intelligence. Its attacks were first exposed last year, but the researchers have since found more about how these digital mercenaries worked.

To read this article in full, please click here

Independent Krebs

April 11, 2023 admin

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Credit to Author: BrianKrebs| Date: Wed, 12 Apr 2023 00:06:51 +0000

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.