Santander, a UK-based bank, is warning customers about an increase in impersonation scams where fraudsters pretend to be the bank in order to steal money from unsuspecting victims. The bank has identified several tactics used by scammers, including phishing emails and phone calls, fake websites, and even physical letters sent through the post. Santander is […]
Microsoft is testing a “private ChatGPT” alternative to its language model, which is designed to alleviate concerns about data privacy. The private version, called “Microsoft Private AI,” would be limited to a specific organization and its data would not leave the organization’s network. This move comes as companies are increasingly concerned about the security and […]
ChatGPT is an advanced tool that can generate meaningful results with minimal user expertise, but what are the security implications of ChatGPT? The quality of ChatGPT’s output depends on factors such as specificity, clarity, and context. Users must understand ChatGPT’s capabilities and limitations and evaluate its output critically. Effective utilization of ChatGPT involves prompt engineering […]
Did you know that your Ring doorbell video footage could be part of police surveillance? Ring saw search warrants increase 33 percent in 2022 from the previous year. The lack of legal controls on what police can ask for, and judges failing to properly scrutinize these warrants, opens the door for even indoor home footage […]
The Bundesamt für Sicherheit in der Informationstechnik (BSI), part of the German Ministry of Internal Affairs, has investigated web shops which show that they are often unsafe. Seven out of ten researched webshop platforms use vulnerable JavaScript libraries. In addition, almost all solutions had inadequate password policies and nearly half of the products use end-of-life […]
A cybersecurity insurer predicts that a 13% growth to 1,900 CVEs monthly would include 270 high-severity and 155 critical-severity vulnerabilities. The predictions are based on data collected over the last ten years. For most CVEs, the time to exploit is within 90 days of public disclosure, while the majority of exploits take place within the […]
Irish university MTU Cork has decided to close all four campuses for two days and cancel all classes due to an intrusion into its IT systems. The attack took place last weekend and would have been detected at an early stage. The university gives no details about what kind of attack it is exactly and […]
According to a PayPal notice of security incident dated January 18, attackers got unauthorized access to the accounts of thousands of users between December 6 and 8, 2022. The total number of accounts that were accessed by threat actors using a credential stuffing attack is reported as being 34,942.
The hacker copied information from backup that contained basic LastPass customer account information and related metadata, including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service. The threat actor was also able to copy a backup of customer vault data from the […]
The records of Twitter contain either a private email address or phone number, and public scraped data, including the account’s Twitter ID, name, screen name, verified status, location, URL, description, follower count, account creation date, friends count, favorites count, statuses count, and profile image URLs.