Aggregator

iProov launched iProov Workforce MFA. This device-independent, FIDO Alliance-certified, biometric authentication solution helps organizations mitigate the risk of one of workforce security’s most crucial concerns: account takeover. Using biometric authentication as part of an MFA process adds an irrefutable layer of identity confirmation to help organizations prevent significant financial losses, reputational damage, and operational disruptions. The solution can be used in conjunction with passkeys, or independently of the device, enabling it to run on users’ … More →

The post iProov Workforce MFA mitigates risk of account takeovers appeared first on Help Net Security.

前 Facebook/Meta 员工 Sarah Wynn Williams 的新书《Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism》遭到社交巨头的强烈反对，认为该书充斥着谎言。3 月 12 日，紧急仲裁员站在 Meta 这边，认为 Wynn Williams 可能违反了离职时与 Facebook 签订的“不贬低”合同，禁止她继续售卖或宣传这本书。出版商 Macmillan 坚持出版该书，认为仲裁令对它没有影响。Meta 的反对推动本书成为畅销书，目前它位居《纽约时报》畅销书排行榜第一名，亚马逊畅销书排行榜第三名。仲裁令还禁止 Wynn Williams 接受纸媒和广播新闻媒体的采访，她在上周递交了紧急动议，寻求推翻仲裁令，称其离职时签署的不贬低条款是不可执行的，违反了保护告密者免受报复的法律。

攻击者利用可信托管服务，频繁更新页面，威胁用户输入凭证，亟需警惕。

North Korea has taken a significant step in enhancing its cyber warfare capabilities by establishing a new research center, known as Research Center 227, under the military’s Reconnaissance General Bureau (RGB). This move is part of a broader strategy to bolster the country’s offensive cyber operations, particularly focusing on AI-powered hacking technologies. Background and Objectives […]

The post North Korea Launches Military Research Facility to Strengthen Cyber Warfare Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Mozilla Firefox up to 126. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-5701. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 126. This affects an unknown part of the component Fullscreen Handler. The manipulation leads to clickjacking. This vulnerability is uniquely identified as CVE-2024-5698. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Firefox up to 126. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to incorrect comparison. This vulnerability was named CVE-2024-5699. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 126. Affected is an unknown function of the component Built-In Screenshot Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-5697. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A new strain of malware, known as SvcStealer, has emerged as a significant threat in the cybersecurity landscape. This malware is primarily delivered through spear phishing attacks, where malicious attachments are sent via email to unsuspecting victims. The SvcStealer campaign was first observed in late January 2025 and has been designed to harvest a wide […]

The post SvcStealer Malware Strikes, Harvesting Sensitive Data from Browsers and Applications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are looking to compromise Google accounts to further malvertising and data theft

A vulnerability was found in Amazon CloudTrail S3. It has been rated as problematic. This issue affects some unknown processing of the component S3 API. The manipulation leads to information exposure through error message. The attack may be initiated remotely. There is no exploit available. This product is a managed service. It is not possible for users to maintain vulnerability countermeasures themselves.

香港，网安企业出海的“低风险试验场”和“高压测试场”。

香港，网安企业出海的“低风险试验场”和“高压测试场”。

香港，网安企业出海的“低风险试验场”和“高压测试场”。

香港，网安企业出海的“低风险试验场”和“高压测试场”。