lemmydev2

Philippines company allegedly run by Chinese national has form running scams The US Treasury has sanctioned a Philippine company and its administrator after linking them to the infrastructure behind the majority of so-called "pig butchering" scams reported to the FBI.…

In addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stolen SAP SuccessFactor data.

82% of organizations already use AI agents, but only 44% of organizations report having policies in place to secure them, according to SailPoint. While 53% are in the process of developing such policies, the reality is that most remain exposed today. AI agents pose security risks for organizations 96% of technology professionals consider AI agents a growing risk, even as 98% of organizations plan to expand their use of them within the next year. The … More → The post AI agents have access to key data across the enterprise appeared first on Help Net Security.

Let's dive into the latest leap for Linux security: hardware-wrapped inline encryption keys. You might have heard about this feature making its way into the mainline Linux kernel with version 6.16. It's a fascinating piece of technology, particularly if you're someone who frets about keeping your data secure , especially against physical attacks. This feature, initially used in Android devices, promises to add a robust layer of security for encryption keys using dedicated hardware capabilities. It's been a niche topic until now, mainly because it required specific hardware support''something that's increasingly common in modern devices.

The PCI Security Standards Council (PCI SSC) has published a major revision to PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular Security Requirements from version 6.2 to version 7.0. The PCI PTS POI Modular Security Requirements document enhances security controls to defend against physical tampering and the insertion of malware that can compromise card data during payment transactions. 

Feds reduced maximum infringement amount from "tens of millions" to $40,000.

House Homeland Security Committee takes a field trip to Silicon Valley Chinese government spies burrowed deep into American telecommunications systems and critical infrastructure networks for one reason, according to retired US Army Lt. Gen. H.R. McMaster.…

Researchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions.

The Chinese APT41 hacking group uses a new malware named 'ToughProgress' that abuses Google Calendar for command-and-control (C2) operations, hiding malicious activity behind a trusted cloud service. [...]

Knickers outlet knackered Underwear retailer Victoria's Secret’s website has been down for three days, with the company blaming an unspecified security problem.…

Over 9,000 ASUS routers are compromised by a novel botnet dubbed "AyySSHush" that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys. [...]