lemmydev2

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies. These enhanced features help this malware family steal and exfiltrate files and system and user information, such as digital wallet data and notes, among others. The post New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects appeared first on Microsoft Security Blog.

Non-password-protected, unencrypted 108GB database … what could possibly go wrong Exclusive  More than 86,000 records containing nurses' medical records, facial images, ID documents and more sensitive info linked to health tech company ESHYFT was left sitting in a wide-open misconfigured AWS S3 bucket for months — or possibly even longer — before it was closed it last week.…

Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in "extremely sophisticated" attacks. [...]

Experts say that the way you handle things after the criminals break in can make things better or much, much worse Feature  Experiencing a ransomware infection or other security breach ranks among the worst days of anyone's life — but it can still get worse.…

Crooks built bots to exploit astoundingly bad quotation website and made off with data on thousands New York State has sued Allstate Insurance for operating websites so badly designed they would deliver personal information in plain-text to anyone that went looking for it.…

CISOs face mounting pressure to spend wisely on security. Yet, many organizations remain vulnerable due to misplaced priorities and inefficient budgeting. This article explores common pitfalls and offers strategies to strengthen cybersecurity. Recent data highlights a paradox: while cybersecurity budgets rise, security incidents continue unabated. A survey by the Ponemon Institute revealed a 59% increase in cyber budgets year-over-year, yet 61% of organizations experienced a data breach or cybersecurity incident in the past two years. … More → The post Smart cybersecurity spending and how CISOs can invest where it matters appeared first on Help Net Security.

Researchers have criticised Microsoft's new Majorana 1 quantum computer, saying it has made claims about the way it works that aren't fully backed up by scientific evidence

Study finds 4 out of 6 providers don't do enough to stop impersonation Four out of six companies offering AI voice cloning software fail to provide meaningful safeguards against the misuse of their products, according to research conducted by Consumer Reports.…

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. [...]

Reuters: Sources: Apple and Meta are set to face modest fines for allegedly breaching the EU's DMA, which allows fines of up to 10% of companies' global annual sales  —  EU antitrust regulators are expected to hand out modest fines to Apple (AAPL.O) and Meta Platforms (META.O) for allegedly breaching …

The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. [...]

In the battle against two-minute micro-attacks that can knock out critical communication services, the difference between success and failure can literally come down to seconds.