OpenSSL vulnerability now rated ‘high’ but should be taken seriously
One worry is the vulnerabilbe OpenSSL 3.0 is embedded in firewalls, VPNs, switches a
Proposed privacy law ‘pretty well balanced,’ Canadian marketers told
A panel of experts at the Canadian Marketing Association’s privacy conference looked at the proposed law an
Countries band together to better fight ransomware, set ‘priority targets’
36 nations to form a task force to co-ordinate efforts, work closer with tech companies and set ‘priority targets’ through a single
YouTube launches Primetime Channels
YouTube has launched a new streaming hub called Primetime Channels to make it easier for customers to watch shows and to unify and sell content from 34 streaming partners on YouTube. Content from Primetime Channels will be visible alongside other YouTube content, including recommendations and searches among purchased content. Alphabet, Google’s parent company, previously launched […]
AMD posts 29% revenue growth amid data center boom
In extended trading, AMD shares rose as much as 6% after the chipmaker indicated that its server chip business will grow in the coming quarters despite falling profits from the PC market. It also announced that it had gained strength in its data center business and pledged to be cautious about spending as the PC […]
Unofficial patch for Windows MotW Zero-Day released
A cybersecurity company has released a free unofficial patch to fix an actively exploited Windows bug that allows files signed with erroneous signatures to avoid Mark-of-the-Web security warnings in Windows 10 and 11. Previously, the threat actors used standalone JavaScript files to install the Magniber ransomware on the devices of the victims, especially on home […]
OpenSSL fixes two high severity vulnerabilities
The OpenSSL project has fixed two high-severity security vulnerabilities that are being tracked as CVE-2022-3602 and CVE-2022-3786. CVE-2022-3602 is an arbitrary 4-byte stack buffer overflow that may cause crashes or lead to remote code execution (RCE). CVE-2022-3786 can be exploited by malicious mail addresses to trigger a DoS via a buffer overflow. These two vulnerabilities […]
Cyber Security Today, Nov. 2, 2022 – Unhappy infosec leaders, a list not to be on and more
This episode reports on infosec leaders considering leaving their jobs, hacked company access being sold and a warning about clicking on search
Hackers compromise Dropbox, steal 130 code repositories
Dropbox has confirmed a data leak that gave attackers access to one of the company’s GitHub accounts using stolen employee data. Dropbox is a file hosting service that provides cloud storage, file synchronization, personal cloud and client software. “To date, our investigation has found that the code accessed by this threat actor contained some credentials—primarily, […]
Twitter loses regular staff after Musk takeover
Following an exodus of advertising and marketing executives just days after Elon Musk’s takeover, Twitter’s workforce continues to shrink, with departures either voluntary, involuntary or consensual. Among the involuntary departures were CEO Parag Agrawal, Chief Financial Officer Ned Segal, and legal affairs and policy chief Vijaya Gadde, all of whom were reportedly fired by Musk. […]
