Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S. – OfficialSarkar

Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S. – OfficialSarkar

Aug 26, 2024Ravie LakshmananGDPR / Data Protection The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S. “The Dutch DPA found that Uber transferred personal data of European taxi drivers…

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access – OfficialSarkar

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access – OfficialSarkar

Aug 26, 2024Ravie LakshmananVulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. “An improper access control vulnerability…

6 Ways to Protect Sensitive Data with Secure Collaboration – OfficialSarkar

6 Ways to Protect Sensitive Data with Secure Collaboration – OfficialSarkar

Aug 26, 2024The Hacker NewsData Security / Compliance Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that…

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms – OfficialSarkar

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms – OfficialSarkar

Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms. These vulnerabilities, which are described as inherent- and implementation-based flaws, could have severe consequences, ranging from arbitrary code execution to loading malicious datasets….

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks – OfficialSarkar

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks – OfficialSarkar

Aug 26, 2024Ravie LakshmananSoftware Security / Vulnerability Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the…

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards – OfficialSarkar

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards – OfficialSarkar

Aug 26, 2024Ravie LakshmananFinancial Fraud / Mobile Security Cybersecurity researchers have uncovered new Android malware that can relay victims’ contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware…

New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules – OfficialSarkar

New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules – OfficialSarkar

Aug 25, 2024Ravie LakshmananFinancial Fraud / Cybercrime Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon’s Stroz Friedberg incident response services…

Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures – OfficialSarkar

Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures – OfficialSarkar

Aug 25, 2024Ravie LakshmananLaw Enforcement / Digital Privacy Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said the probe…

Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp – OfficialSarkar

Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp – OfficialSarkar

Aug 24, 2024Ravie LakshmananElection Security / Threat Intelligence Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian state-sponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The…

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September – OfficialSarkar

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September – OfficialSarkar

Aug 24, 2024Ravie LakshmananVulnerability / Government Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload bug impacting the “Change Favicon”…