Cyber Security Today, Jan. 25, 2023 – Data Privacy Week advice, terrible patching statistics and more
This episode reports on the aftermath for GoTo customers after a supply chain cyberattack, vulnerabilities in Samsung’s Galaxy App Store, problems with password manager
Netflix to begin charging for password sharing in no distant time
Netflix has announced that its password sharing crackdown program will be officially launched soon. While no date has been confirmed, Netflix stated that the password-sharing measures would be implemented later in the first quarter of this year, implying that they will be in place by the end of March. Announcing its Q4 results, Netflix said […]
Manufacturers concerned over refusal of consumers to connect their smart devices to the internet
Smart appliance manufacturers are perplexed as to why the vast majority of their customers never connect their devices to the internet. LG Electronics, for example, stated that less than half of the smart appliances it has sold remain connected to the internet.
LearnPress patches multiple vulnerabilities
LearnPress, a WordPress LMS plugin, has released security updates to address multiple critical vulnerabilities that affected approximately 75,000 WordPress sites. One of flaws is CVE-2022-47615; where an unauthenticated local file inclusion allows an attacker to view the contents of local files stored on the web server, potentially exposing credentials, authorization tokens, and API keys. The […]
ChatGPT passes Medical and MBA exams
Two separate research papers have disclosed that ChatGPT has the ability to pass the United States Medical Licensing Exam and earn an MBA from an Ivy League business school. One study was led by Christian Terwiesch, a professor at the University of Pennsylvania’s Wharton School, and a group of medical researchers mostly affiliated with Ansible […]
60% of cybersecurity recommendations ignored by Federal depts, says GAO
According to the U.S. Government Accountability Office (GAO), Congress’ auditing and investigative arm, it has been shouting into the void since 2010, with approximately 60% of its 335 cybersecurity recommendations not being implemented. Since 2010, GAO said it has made approximately 335 recommendations in public reports on developing a comprehensive cybersecurity strategy and performing oversight. […]
Customers backup and encryption keys amongst stolen credentials during LastPass hack
GoTo Technologies, the parent company of password manager LastPass, has informed its customers that during a recent breach of its systems, hackers obtained encrypted backups and an encryption key to access some of them. According to a blog post to customers, GoTo discovered that a threat actor exfiltrated encrypted backups from a third-party cloud storage […]
Apple releases iOS 16.3
Apple’s iOS 16.3, the third major update to the iOS 16 operating system, has been made available to all supported devices. The update enables the use of physical security keys for two-factor authentication. In celebration of Black History Month, it includes a new “Unity” wallpaper that honors Black history and culture. The update also includes […]
Laid off Indian workers scrambling to remain in U.S.
Thousands of Indian IT professionals in the United States who have lost their jobs due to recent layoffs at companies like Google, Microsoft, and Amazon are having difficulty finding new jobs within the time frame required by their work visas to remain in the country. To make matters worse, many high-profile companies, including Google, halted […]
DoJ, eight states sue Google over ad monopoly
The U.S. Department of Justice and eight US states have filed a major antitrust lawsuit against Alphabet, Google’s parent company, alleging that it has unlawfully misused its dominance in digital advertising. The suit claims that Google has “corrupted legitimate competition in the ad tech industry by engaging in a systematic campaign to seize control of […]
