Google has rolled out its Privacy Sandbox feature in the Chrome web browser, replacing third-party tracking cookies with a system that tracks topics of interest to deliver personalized ads, while allowing users to customize their ad topics and control the relevance of ads through the settings.
A report by cybersecurity consultancy Savanti reveals that 59% of directors feel their board is not effective in understanding cyber risks, putting businesses at a higher risk of attacks.
Zscaler ThreatLabz has discovered the Steal-It cyber attack campaign, believed to be the work of APT28 (Fancy Bear), which targets compromised Windows systems in Australia, Poland, and Belgium, utilizing a customized version of Nishang’s Start-CaptureServer PowerShell script to steal NTLMv2 hashes.
The US government has issued an order for federal civilian agencies to address a critical vulnerability in Apache RocketMQ, a distributed messaging and streaming platform, which is currently being actively exploited by threat actors.
Cisco has released patches for a critical security vulnerability in its BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform, which allows a remote, unauthenticated attacker to forge credentials and gain unauthorized access to affected systems, potentially leading to toll fraud, execution of commands with forged account privileges, reading sensitive data, and modifying customer settings.
North Korean threat actors have been posing as fellow researchers to target cybersecurity professionals, using social media platforms and encrypted messaging apps to establish relationships and send malware-infected files to gain access to their systems, in an effort to steal information and refine their tactics.
