The Hacker News Daily Updates

"Western Digital hit by Network Security Breach."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 03 April 2023, 1350 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGsltJScgqJZjpNZVBZbzTNwzDr ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates
Newsletter
cover

THN Webinar: Master the Six Phases of Incident Response

React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader!

Download NowSponsored
LATEST NEWSApr 3, 2023

Western Digital Hit by Network Security Breach - Critical Services Disrupted!

Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems. The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a "number of the company's systems." Following the discovery of the hack, Western Digital said it has initiated incident response efforts and ...

Read More
TwitterFacebookLinkedIn

Italian Watchdog Bans OpenAI's ChatGPT Over Data Protection Concerns

The Italian data protection watchdog, Garante per la Protezione dei Dati Personali (aka Garante), has imposed a temporary ban of OpenAI's ChatGPT service in the country, citing data protection concerns. To that end, it has ordered the company to stop processing users' data with immediate effect, stating it intends to investigate the company over whether it's unlawfully processing such data ...

Read More
TwitterFacebookLinkedIn

Top 5 Free Endpoint Management Tools

Stay secure and support your work-from-anywhere workplace with no VPN with the best in class free tools trusted by thousands of global enterprises. Patching, remote access and management, software deployment, IT asset inventory – get started now with the top 5 free endpoint management ...

Read More
TwitterFacebookLinkedIn

"It's The Service Accounts, Stupid": Why Do PAM Deployments Take (almost) Forever To Complete

Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory, the PAM concept makes absolute sense: place admin credentials in a vault, rotate their passwords, and closely monitor their sessions. However, the harsh reality is that the vast majority of PAM projects either become a years-long project, or ...

Read More
TwitterFacebookLinkedIn

Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service

A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in the clipboard for hijacking purposes," Trend Micro ...

Read More
TwitterFacebookLinkedIn

Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps

Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. "One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing users," cloud ...

Read More
TwitterFacebookLinkedIn

Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation

Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published this week. CVE-2022-46169 relates to a ...

Read More
TwitterFacebookLinkedIn

Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!

Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. "Improved code security enforcement in WooCommerce components," the ...

Read More
TwitterFacebookLinkedIn
cover

THN Webinar: Master the Six Phases of Incident Response

React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader!

Download NowSponsored

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.