Demystifying to Network Security

Comments

Post a Comment

Popular posts from this blog

July 2024 Patch Tuesday Unleashes a Torrent of Updates

to a pair of cowboy fighter pilots (ahem, naval aviators) in  Top Gun . Less well known, but still  Alive And Kicking  (like the song released the same year by Simple Minds), the TIFF image file format also was introduced that year by Aldus Corporation, now known as Adobe. This CVE addresses a critical, easily exploitable vulnerability specific to this 38-year-old file format. A specially-crafted, malicious TIFF file, uploaded to a vulnerable server, could have triggered the server that receives the file to execute malicious code embedded in the TIFF file. Patch your servers to take them out of the danger zone. CVE-2024-38032 – Microsoft Xbox Remote Code Execution Vulnerability Users of the Xbox gaming console who also happen to have a wireless adapter, and connect wirelessly to their local network, should beware of strangers lurking on their network who can attack these devices. The (so far) hypothetical threat is that someone who is connected to your wireless network ca...
Read more

US court holds Israeli spyware liable for hacking Meta’s WhatsApp

Image
Gujarat India NRI News Entertainment Sports Lifestyle & Fashion Health Business World Science & Technology VIDEO GUJARATI E-PAPER SEARCH Gujarat Samachar World US court holds Israeli spyware liable for hacking Meta’s WhatsApp Updated: Dec 22nd, 2024 A US court on Friday held in favour of tech giant WhatsApp in a lawsuit accusing Israel’s NSO Group Technologies Ltd of exploiting a bug in the messaging app to install spy software that allowed unauthorised surveillance. US District Judge Phyllis Hamilton in Oakland, California, granted a motion by WhatsApp and found NSO liable for hacking and breach of contract. According to the court document, “WhatsApp filed this lawsuit, alleging that defendants sent malware, using WhatsApp’s system, to approximately 1,400 mobile phones and devices designed to infect those devices to surveil the users of those phones and devices.”  The targets included journalists, human rights activists and dissidents. Among the 1,400 mobile phones th...
Read more

Malicious ads served inside Microsoft Bing's artificial intelligence (AI) chatbot are being used to distribute malware

Image
The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations. Introduced by Microsoft in February 2023, Bing Chat is an  interactive search experience  that's powered by OpenAI's large language model called  GPT-4 . A month later, the tech giant  began   exploring  placing ads in the conversations. But the move has also opened the doors for threat actors who resort to malvertising tactics and propagate malware. "Ads can be inserted into a Bing Chat conversation in various ways," Jérôme Segura, director of threat intelligence at Malwarebytes,  said . "One of those is when a user hovers over a link and an ad is displayed first before the organic result." In an example highlighted by the cybersecurity vendor, a Bing Chat query to download a legitimate software called Advanced IP Scanner returned a link that, when hovered, displayed ...
Read more