Who’s watching your webcam? The Screencastify Chrome extension story…
Credit to Author: Paul Ducklin| Date: Thu, 26 May 2022 18:41:02 +0000
When you really need to make exceptions in cybersecurity, specify them as explicitly as you can.
Read moreMonth: May 2022
Poisoned Python and PHP packages purloin passwords for AWS access
Credit to Author: Paul Ducklin| Date: Wed, 25 May 2022 18:04:17 +0000
More supply chain trouble – this time with clear examples so you can learn how to spot this stuff yourself.
Read moreClearview AI face-matching service fined a lot less than expected
Credit to Author: Paul Ducklin| Date: Mon, 23 May 2022 18:01:58 +0000
The fine has finally gone through… but it’s less than 45% of what was originally proposed.
Read moreDOJ reverses itself, says good-faith security researchers should be left alone
Credit to Author: Evan Schuman| Date: Thu, 26 May 2022 03:02:00 -0700
In a move that could have a major impact on enterprise penetration testing and other cybersecurity tactics, the US Department of Justice last Thursday reversed one of its own policies by telling prosecutors not to prosecute anyone involved in “good-faith security research.”
This is one of those common-sense decisions that makes me far more interested in exploring the original DOJ policy (set in 2014, during the Obama era).
The underlying law at issue is the Computer Fraud and Abuse Act, which made it illegal to access a computer without proper authorization. It was passed in 1986 and has been updated several times since then.
IT salaries aren't keeping up with inflation — but that may soon change
Credit to Author: Lucas Mearian| Date: Thu, 26 May 2022 03:00:00 -0700
Pay for some IT professionals is failing to keep up with inflation, according to a salary survey by IT employment consultancy Janco Associates for calendar year 2021. But preliminary data indicates pay for tech workers could soon change drastically with job market in IT tight, and many companies eyeing major tech projects in the year ahead.
With inflation in the US running at about 8% over the past year, salary increases — even for IT execs — have failed to keep pace.
The mean compensation for all IT pros last year rose only 2.05%, with the median salary at $100,022 for those at large enterprises and at $95,681 for IT workers at mid-sized firms, according to Janco.
Microsoft security vulnerabilities drop after five-year rise
Credit to Author: Jon Gold| Date: Wed, 25 May 2022 12:45:00 -0700
While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.
Read moreTwitter fined $150M after using 2FA phone numbers for marketing
Credit to Author: Malwarebytes Labs| Date: Fri, 27 May 2022 12:27:05 +0000
Twitter is paying the price for using users’ security information for targeted advertising,
The post Twitter fined $150M after using 2FA phone numbers for marketing appeared first on Malwarebytes Labs.
Read moreFirefox, Thunderbird, receive patches for critical security issues
Credit to Author: Christopher Boyd| Date: Fri, 27 May 2022 11:06:49 +0000
Critical updates have been released for both Firefox and Thunderbird. Apply now if you haven’t already—we explain how.
The post Firefox, Thunderbird, receive patches for critical security issues appeared first on Malwarebytes Labs.
Read moreChromeLoader targets Chrome Browser users with malicious ISO files
Credit to Author: Christopher Boyd| Date: Thu, 26 May 2022 12:17:41 +0000
ChromeLoader is working its way into Chrome browsers via ISO images claiming to offer cracked games. What are the dangers?
The post ChromeLoader targets Chrome Browser users with malicious ISO files appeared first on Malwarebytes Labs.
Read moreWatch out! Tinder and Grinder users targeted by cruel scammers using real abuse photos
Credit to Author: Jovi Umawing| Date: Thu, 26 May 2022 10:30:47 +0000
Scammers are trawling dating apps again. But they’re not out to capture hearts but personal details—and your money, of course.
The post Watch out! Tinder and Grinder users targeted by cruel scammers using real abuse photos appeared first on Malwarebytes Labs.
Read more