In “Incognito Mode,” Google will remove billions of browsing records.
As part of the settlement of a class action lawsuit, Google has agreed to delete billions of data records that show users’ browsing activity without their knowledge or consent while using its Chrome browser. The class action lawsuit, filed in 2020, claimed that the firm had deceived consumers…
0 Comments4 Minutes
ZenHammer Attack Gets Around AMD CPUs’ Rowhammer Defenses
For the first time, ETH Zurich cybersecurity researchers have created a new version of the RowHammer DRAM (dynamic random-access memory) ZenHammer Attack that is effective against AMD Zen 2 and Zen 3 systems even in the face of mitigations like Target Row Refresh (TRR). “This result proves…
0 Comments6 Minutes
Microsoft SharePoint Vulnerability Under Attack by Hackers
The United States Cybersecurity and Infrastructure Security Agency (CISA) has recently flagged a critical security flaw impacting the Microsoft SharePoint Server, escalating it to the Known Exploited Vulnerabilities (KEV) list. This move comes in response to compelling evidence indicating ongoing…
0 Comments4 Minutes
The Role of a Cybersecurity Specialist
A cybersecurity specialist is tasked with the ongoing responsibility of identifying, monitoring, and countering cyber threats. These professionals are not just observers; they actively design, implement, and maintain robust security systems to protect sensitive data from cyber-attacks. Without…
2 Comments8 Minutes
CISA Alerts: Flaws in Fortinet, Ivanti, & Nice Products Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently expanded its Known Exploited Vulnerabilities (KEV) list, highlighting three critical security flaws. This update comes with a warning, as evidence suggests these vulnerabilities are actively being exploited. The following are…
0 Comments4 Minutes
Apple M-Series Chips’ New “GoFetch” Vulnerability Exposes Secret Encryption Keys
The vulnerability, dubbed GoFetch, is related to a microarchitectural side-channel attack that targets constant-time cryptographic implementations and retrieves sensitive data from the CPU cache by utilizing a feature called data memory-dependent prefetcher (DMP). The results were communicated to…
0 Comments7 Minutes
Cybersecurity guide for small businesses in Canada.
As the digital landscape evolves, so too do the cybersecurity threats that target our information systems. For businesses, especially in the tech-centric world we now inhabit, staying ahead of these threats is not just advisable—it’s imperative. This article will delve into the latest trends…
1 Comment20 Minutes
DNS over HTTPS Gives Users a “False Sense of Security”
Businesses that use encrypted DNS over HTTPS services run the risk of creating a false feeling of security and possibly even breaking their own DNS-monitoring systems, according to a warning from the US National Security Agency (NSA). DNS over HTTPS (DoH), which shields DNS traffic between a client…
0 Comments3 Minutes
AI-Powered code scanning autofix Debuts on GitHub
On Wednesday, GitHub made the announcement that it will be making a feature on a code scanning autofix accessible in public beta for all Advanced Security clients. The purpose of this function is to make individualised recommendations in an effort to prevent the introduction of new…
0 Comments5 Minutes
Loop DoS attack has effect on thousands of different systems.
There is a new denial-of-service (Loop DoS attack) vector that has been discovered. This attack vector targets application-layer protocols that are based on User Datagram Protocol (UDP), which puts hundreds of thousands of hosts at risk. Loop denial of service attacks are a method that involves…
0 Comments5 Minutes