Google is shutting down its Google Play Security Reward Program (GPSRP) after determining that it has achieved its goal.
The post Google Play Bug Bounty Program Shutting Down appeared first on SecurityWeek.
Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue
As many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks.
The post Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue appeared first on SecurityWeek.
Microsoft Copilot Studio Vulnerability Led to Information Disclosure
A vulnerability in Microsoft Copilot Studio exposed information on internal services shared among tenants, potentially impacting multiple customers.
The post Microsoft Copilot Studio Vulnerability Led to Information Disclosure appeared first on SecurityWeek.
Google Cloud Unveils New Security Services and Capabilities
Several security-related enhancements have been announced at the 2024 Google Cloud Security Summit.
The post Google Cloud Unveils New Security Services and Capabilities appeared first on SecurityWeek.
It’s Time To Untangle the SaaS Ball of Yarn
It’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services.
Unfortunately – as is so often the case – our
Unfortunately – as is so often the case – our
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
In what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses.
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from
Unlocking the Power of AI in Cybersecurity
As adversaries increasingly exploit AI, security practitioners must not fall behind. What does it take to unlock the full potential of AI in cybersecurity?
The post Unlocking the Power of AI in Cybersecurity appeared first on SecurityWeek.
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups.
“This application shares several behaviors with malware we’ve seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket,” Kandji security
“This application shares several behaviors with malware we’ve seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket,” Kandji security
Azure Kubernetes Services Vulnerability Exposed Sensitive Information
A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.
The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek.
Cyberattack Disrupts Microchip Technology Manufacturing Facilities
Microchip Technology has disclosed a cyberattack impacting operations at some of its manufacturing facilities.
The post Cyberattack Disrupts Microchip Technology Manufacturing Facilities appeared first on SecurityWeek.