Month: June 2021
Peneliti bocor Polc mengeksploitasi untuk kerentanan Windows RCE kritis
30 June 202188 Sebuah konsept-bukti-dari-konsep (PoC) exploit terkait dengan sebuah kerentanan kode eksekusi terpisah yang mempengaruhi spoiler Windows cetak dan ditambahi oleh Microsoft awal bulan ini sempat diterbitkan secara singkat sebelum diambil. Diidentifikasi sebagai CVE-2021-1675, masalah keamanan bisa memberikan penyerang remote kontrol penuh sistem rentan. Cetak Spooler mengelola proses pencetakan di Windows, termasuk Memuat driver pencetak yang […]
Read More
Authorities Seize DoubleVPN Service Used by Cybercriminals
30 June 2021A coordinated international law enforcement operation resulted in the takedown of a VPN service called DoubleVPN for providing a safe haven for cybercriminals to cover their tracks. “On 29th of June 2021, law enforcement took down DoubleVPN,” the agencies said in a seizure notice splashed on the now-defunct site. “Law enforcement gained access to the […]
Read More
GitHub Launches ‘Copilot’ — AI-Powered Code Completion Tool
30 June 2021GitHub on Tuesday launched a technical preview of a new AI-powered pair programming tool that aims to help software developers write better code across a variety of programming languages, including Python, JavaScript, TypeScript, Ruby, and Go. Copilot, as the code synthesizer is called, has been developed in collaboration with OpenAI, and leverages Codex, a new […]
Read More
[Webinar] How Cyber Attack Groups Are Spinning a Larger Ransomware Web
30 June 2021Organizations today already have an overwhelming number of dangers and threats to look out for, from spam to phishing attempts to new infiltration and ransomware tactics. There is no chance to rest, since attack groups are constantly looking for more effective means of infiltrating and infecting systems. Today, there are hundreds of groups devoted to […]
Read More
Apple encrypts its iCloud data on Google, AWS clouds
30 June 2021An Apple store in London. Apple had become Google’s largest customer of cloud data services. (Jon Rawlinson/CC BY 2.0) Reports Tuesday that Apple had become Google’s largest customer of cloud data services – and that the iCloud data was encrypted by Apple – was viewed as a positive development by some security researchers, who said […]
Read More
Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine
29 June 2021An unpatched security vulnerability affecting Google’s Compute Engine platform could be abused by an attacker to take over virtual machines over the network. “This is done by impersonating the metadata server from the targeted virtual machine’s point of view,” security researcher Imre Rad said in an analysis published Friday. “By mounting this exploit, the attacker […]
Read More
New API Lets App Developers Authenticate Users via SIM Cards
29 June 2021Online account creation poses a challenge for engineers and system architects: if you put up too many barriers, you risk turning away genuine users. Make it too easy, and you risk fraud or fake accounts. The Problem with Identity Verification The traditional model of online identity – username/email and password – has long outlived its […]
Read More
Google now requires app developers to verify their address and use 2FA
29 June 2021Google on Monday announced new measures for the Play Store, including requiring developer accounts to turn on 2-Step Verification (2SV), provide an address, and verify their contact details later this year. The new identification and two-factor authentication requirements are a step towards strengthening account security and ensuring a safe and secure app marketplace, Google Play […]
Read More
Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online
29 June 2021A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was published by researchers from cybersecurity firm Positive Technologies on June 24, following which reports emerged […]
Read More
Scant evidence that cyber insurance boom is leading to better security
28 June 2021The rise of the cyber insurance has largely failed to promote better cybersecurity practices among the industries they cover, according to a new report released Monday from British security think tank RUSI. (Photo by Spencer Platt/Getty Images) The security community for the last few years pointed to great potential for cyber insurance to drive progress […]
Read More