Security Affairs

JULY 31, 2022

A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The issue affects Dahua’s implementation of the Open Network Video Interface Forum ( ONVIF ). ONVIF provides and promotes standardized interfaces for effective interoperability of IP-based physical security products.

Authentication 142

Authentication Manufacturing Security Access 142

The Guardian Data Protection

JULY 31, 2022

Prof Hany Farid says all online services should adopt idea backed by GCHQ and National Cybersecurity Centre Apple should take heed of warnings from the UK’s security services and revive its controversial plans to scan iPhones for child abuse imagery, the inventor of the scanning technology has argued. Prof Hany Farid, an expert in image analysis at University of California, Berkeley, is the inventor of PhotoDNA, an “image hashing” technique used by companies across the web to identify and remove

Cybersecurity 93

Cybersecurity Security IT Privacy 93

Security Affairs

JULY 31, 2022

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. Trend Micro researchers uncovered a malicious campaign that leveraged 17 seemingly harmless Android dropper apps, collectively tracked as DawDropper, on the Google Play Store to distribute banking malware. The DawDropper apps are masqueraded as productivity and utility apps such as document scanners, VPN services, QR code readers, and call recorders.

Cloud 116

Cloud Security IT Information Security 116

WIRED Threat Level

JULY 31, 2022

Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.

Security 98

Security 98

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. MBDA is a European multinational developer and manufacturer of missiles that was the result of the merger of the main French, British and Italian missile systems companies ( Aérospatiale – Matra , BAE Systems, and Finmeccanica (now Leonardo).

Manufacturing 115

Manufacturing Military Archiving Cybersecurity 115

Security Affairs

JULY 31, 2022

The Federal Communications Commission (FCC) warned Americans of the rising threat of smishing (robotexts) attacks. The Federal Communications Commission (FCC) issued an alert to warn Americans of the rising threat of smishing (robotexts) attacks aimed at stealing their personal information or for financial scams. “The FCC’s Robocall Response Team is alerting consumers to the rising threat of robotexts.

Communications 96

Communications Government IT Security 96

Info Source

JULY 31, 2022

DIR 8-1-2022. To open and read this issue as a PDF (or to download): Click here.

40

40

Security Affairs

JULY 31, 2022

North Korea-linked threat actor SharpTongue is using a malicious extension on Chromium-based web browsers to spy on victims’ email accounts. North Korea-linked actor SharpTongue has been using a malicious extension on Chromium-based web browsers to spy on victims’ Gmail and AOL email accounts. Researchers from cybersecurity firm Volexity tracked the threat actors as SharpTongue, but its operation overlaps with the one of the Kimsuky APT group.

Passwords 86

Passwords Cybersecurity IT Security 86

Security Affairs

JULY 31, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report CISA orders to patch an actively exploited flaw in Confluence servers Microsoft experts linked the Raspberry Robin malware to Evil Corp operation Strong Authentication – Robust Identit

CMS 75

CMS Security MDM Ransomware 75

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk