Security Boulevard

APRIL 12, 2024

The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”

Risk 139

Risk Hacking Government Digital transformation 139

Security Boulevard

MAY 17, 2024

The post North Korea IT Worker Scam Brings Malware and Funds Nukes appeared first on Security Boulevard. DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans.

Scams 78

Scams Malware Social Engineering Data privacy 78

Security Boulevard

APRIL 10, 2024

LG Fixes Smart TV Vulns appeared first on Security Boulevard. 4×CVE=RCE or Merely CE? Update your LG TV now, or let hackers root it. But is Bitdefender overhyping the issue? The post Watch This? Patch This!

Social Engineering 135

Social Engineering IoT Data privacy Engineering 135

Security Boulevard

MARCH 27, 2024

The post Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data appeared first on Security Boulevard. Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit.

Social Engineering 137

Social Engineering VPN Data privacy Engineering 137

Security Boulevard

MAY 16, 2024

One in three office workers who use GenAI admit to sharing customer info, employee details and financial data with the platforms. The post Risks of GenAI Rising as Employees Remain Divided About its Use in the Workplace appeared first on Security Boulevard. Are you worried yet?

Risk 75

Risk Social Engineering Artificial Intelligence Data privacy 75

Security Boulevard

MARCH 28, 2024

The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard. Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support.

Accountability 132

Accountability Social Engineering Authentication Data privacy 132

Security Boulevard

FEBRUARY 16, 2024

The post DoD Email Breach: Pentagon Tells Victims 12 Months Late appeared first on Security Boulevard. 3TB Email FAIL: Personal info of tens of thousands leaks. Microsoft cloud email server was missing a password.

Passwords 128

Passwords Digital transformation Social Engineering Data privacy 128

Security Boulevard

FEBRUARY 22, 2024

The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard. Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures.

Hacking 136

Hacking Government Digital transformation Social Engineering 136

Security Boulevard

FEBRUARY 7, 2024

The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard. PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face?

Hacking 142

Hacking Social Engineering DDOS Internet 142

Security Boulevard

MARCH 1, 2024

EKEN IoT FAIL: Amazon, Sears and Shein still sell security swerving stuff. The post Cheap Video Doorbell Cams: Tools of Stalkers and Thieves appeared first on Security Boulevard.

IoT 130

IoT Social Engineering Internet Internet 130

Security Boulevard

MARCH 11, 2024

Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti. The post Irony of Ironies: CISA Hacked — ‘by China’ appeared first on Security Boulevard. Free rides and traffic jams: U.S.

Hacking 138

Hacking Cybersecurity Social Engineering Data privacy 138

Security Boulevard

FEBRUARY 27, 2024

appeared first on Security Boulevard. Pay no attention to that man: State Dept. Global Engagement Centre chief James Rubin (pictured) follows the yellow brick road. The post US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

Hacking 130

Hacking Social Engineering Data privacy Engineering 130

Security Boulevard

MARCH 26, 2024

Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service. The post Telegram Privacy Nightmare: Don’t Opt In to P2PL appeared first on Security Boulevard.

Social Engineering 127

Social Engineering Authentication Data privacy Security Awareness 127

Security Boulevard

JANUARY 30, 2024

The post ‘Extremely serious’ — Mercedes-Benz Leaks Data on GitHub appeared first on Security Boulevard. Oh, Lord: My friends all hack Porsches—I must make amends.

Hacking 136

Hacking Digital transformation Social Engineering Data privacy 136

Security Boulevard

JANUARY 25, 2024

The post Malicious AdTech Spies on People as NatSec Targets appeared first on Security Boulevard. Targeted ads target targets: Patternz and Nuviad enable potentially hostile governments to track individuals by misusing ad bidding.

Government 138

Government Social Engineering Advertising Data privacy 138

Security Boulevard

FEBRUARY 8, 2024

Bootkit Bug in shim.efi appeared first on Security Boulevard. Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault. The post Linux Vendors Squawk: PATCH NOW — CVSS 9.8

Social Engineering 132

Social Engineering Data privacy Engineering IoT 132

Security Boulevard

FEBRUARY 20, 2024

The post LockBit Takedown by Brits — Time for ‘Operation Cronos’ appeared first on Security Boulevard. RaaS nicked: 11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers.

Ransomware 126

Ransomware Social Engineering Data privacy Engineering 126

Security Boulevard

FEBRUARY 5, 2024

The post CFO Deepfake Fools Staff — Fakers Steal $26M via Video appeared first on Security Boulevard. Bad hoax blood: Spearphish pivots to deepfake Zoom call, leads to swift exit of cash.

Digital transformation 130

Digital transformation Social Engineering Data privacy Engineering 130

Security Boulevard

JANUARY 3, 2024

The post Facebook’s New Privacy Nightmare: ‘Link History’ appeared first on Security Boulevard. How stupid does he think we are? You’ll want to turn off this new app setting.

Social Engineering 138

Social Engineering Advertising Data privacy Engineering 138

Security Boulevard

JANUARY 10, 2024

The post China Cracks Apple Private Protocol — AirDrop Pwned appeared first on Security Boulevard. AirDrop hashing is weaksauce: Chinese citizens using peer-to-peer wireless comms “must be identified.”

Wireless 135

Wireless Social Engineering Firewall Data privacy 135

Security Boulevard

JANUARY 18, 2024

The post Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy appeared first on Security Boulevard. Have I been pwned? Yes, you probably have. Stop reusing passwords, already. Here’s what else you should do.

Passwords 132

Passwords Social Engineering Data privacy Authentication 132

Security Boulevard

FEBRUARY 1, 2024

via Router Botnet) appeared first on Security Boulevard. a/k/a BRONZE SILHOUETTE: FBI head Wray won’t tolerate China’s “real-world threat to our physical safety.” The post FBI Warning: China Will Hack US Infra.

Hacking 126

Hacking Social Engineering Data privacy Engineering 126

Security Boulevard

DECEMBER 13, 2023

The post Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658 appeared first on Security Boulevard. When will it end? Russia takes down Kyivstar cellular system, Ukraine destroys Russian tax system.

Hacking 131

Hacking Digital transformation Social Engineering Data privacy 131

Security Boulevard

JANUARY 2, 2024

The post Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old appeared first on Security Boulevard. What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability.

Social Engineering 137

Social Engineering Accountability Account Security Data privacy 137

Security Boulevard

NOVEMBER 27, 2023

The post Meta Sued for Ignoring its Underage Kids Problem (Because Money) appeared first on Security Boulevard. Don’t be square: Newly-unsealed COPPA suit says Zuck’s mob knows full well there are loads of users under the age of 13, but did nothing.

Social Engineering 123

Social Engineering Identity Theft Data privacy Engineering 123

Security Boulevard

MARCH 18, 2024

The post TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs appeared first on Security Boulevard. 7521 momentum builds: Shou Zi Chew plays for time, while Electronic Frontier Foundation says TikTok-kill bill is DOA.

Social Engineering 85

Social Engineering Spyware Media Data privacy 85

Security Boulevard

SEPTEMBER 25, 2023

The post More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard. Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government.

Spyware 126

Spyware Government Social Engineering Data privacy 126

Security Boulevard

FEBRUARY 28, 2024

The post FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure appeared first on Security Boulevard. GRU APT28 is back again: Fancy Bear still hacking ubiquitous gear, despite patch availability.

Hacking 86

Hacking Social Engineering Data privacy Authentication 86

Security Boulevard

JANUARY 23, 2024

The post Russia Hacked Microsoft Execs — SolarWinds Hackers at it Again appeared first on Security Boulevard. AKA APT29: Midnight Blizzard / Cozy Bear makes it look easy (and makes Microsoft look insecure).

Hacking 87

Hacking Social Engineering Data privacy Engineering 87

Security Boulevard

JANUARY 4, 2024

The post 23andMe: It’s YOUR Fault We Lost Your Data appeared first on Security Boulevard. Am I my brother's keeper? DNA testing firm doubles down on blaming victims and sics lawyer on them.

Social Engineering 85

Social Engineering Data privacy Engineering Passwords 85

Security Boulevard

DECEMBER 20, 2023

The post SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec appeared first on Security Boulevard. Testy Testudine: Lurking vuln in SSH spec means EVERY implementation must build patches.

Digital transformation 86

Digital transformation Social Engineering Data privacy Authentication 86

Security Boulevard

JANUARY 22, 2024

The post From Phishing to Friendly Fraud: Anticipating 2024’s Fraud Dynamics appeared first on Security Boulevard. Planning for emerging fraud trends can help you stay a step ahead of criminals’ new tactics, protect your revenue and customer relationships.

Phishing 80

Phishing Social Engineering Data privacy Engineering 80

Security Boulevard

MAY 22, 2023

GDPR Move for Mark’s Money: No legal way to move Europeans’ data to the US since 2015. The post Facebook Fined $1.3B — Zuckerberg Furious in GDPR Fight appeared first on Security Boulevard. cloud industry better take note.

Social Engineering 111

Social Engineering Data privacy Security Awareness Engineering 111

Security Boulevard

DECEMBER 8, 2023

The post Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan appeared first on Security Boulevard. TA446’s new TTPs: “Star Blizzard” FSB team called out by Five Eyes governments (again).

Phishing 83

Phishing Government Digital transformation Social Engineering 83

Security Boulevard

NOVEMBER 22, 2023

The post ‘LitterDrifter’ Russian USB Worm Leaks from Ukraine War Zone appeared first on Security Boulevard. FSB APT USB VBS LNK DLL: WTH? Flash drive sharing malware escapes Україна. Gamaredon fingered as perps.

Malware 81

Malware Social Engineering Data privacy Engineering 81

Security Boulevard

NOVEMBER 20, 2023

The post FCC’s Got New Rules for SIM-Swap and Port-Out Fraud appeared first on Security Boulevard. Too many times: Federal Communications Commission shuts stable door after horse bolted. But chairwoman Jessica Rosenworcel (pictured) was hoping it would save us.

Social Engineering 78

Social Engineering Authentication Scams Data privacy 78

Security Boulevard

NOVEMBER 3, 2023

appeared first on Security Boulevard. WEI is dead — long live WMI: Google backs down on Web Environment Integrity API, but its replacement is also problematic. The post VICTORY: Google WEI ‘Stealth DRM’ Plan is Dead (or is it?)

Social Engineering 80

Social Engineering Media Data privacy Engineering 80