Best practices for ensuring a secure browsing environment
In this Help Net Security interview, Devin Ertel, CISO at Menlo Security, discusses how innovations like AI and closer collaboration between browser vendors and security…
Month: January 2025
Every minute, 4,080 records are compromised in data breaches
A recent Domo report shows that the world’s internet population has reached a record high of 5.52 billion people and uncovers signs that AI may…
New HIPAA Security Rule Released to Strengthen Healthcare Data
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has unveiled a Notice of Proposed Rulemaking (NPRM) to…
US Treasury says Chinese hackers stole documents in ‘major incident’ – Security
Chinese state-sponsored hackers broke into the US Treasury Department earlier this month and stole documents from its workstations. According to a letter to lawmakers provided…
IBM, GlobalFoundries settle lawsuits over contract, trade secrets – Hardware
GlobalFoundries and IBM have settled duelling lawsuits in which GlobalFoundries was accused of breaching a contract with IBM and the computer giant was alleged to…
Apple to pay US$95 million to settle Siri privacy lawsuit – Security
Apple agreed to pay US$95 million ($152 million) in cash to settle a proposed class action lawsuit claiming that its voice-activated Siri assistant violated users’…
Ransomware gang leaks data stolen in Rhode Island’s RIBridges Breach
The Brain Cipher ransomware gang has begun to leak documents stolen in an attack on Rhode Island’s “RIBridges” social services platform. RIBridges is an integrated…
A US soldier was arrested for leaking presidential call logs
A US soldier was arrested for leaking presidential call logs Pierluigi Paganini January 02, 2025 US authorities have arrested soldier Cameron John Wagenius for his…
New DoubleClickjacking attack exploits double-clicks to hijack accounts
A new variation of clickjacking attacks called “DoubleClickjacking” lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these types…
Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation
SUMMARY A user on X (@NSA_Employee39) claimed to discover a zero-day exploit for 7-Zip, alleging a critical buffer overflow vulnerability. The exploit purportedly involved a…
DoubleClickjacking allows clickjacking on major websites
DoubleClickjacking allows clickjacking on major websites Pierluigi Paganini January 02, 2025 The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking…
Chinese hackers targeted sanctions office in Treasury attack
Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions…