Virtualization technology giant VMware on Tuesday shipped an urgent, high-priority patch to address an authentication bypass vulnerability in its Workspace ONE Access, Identity Manager and vRealize Automation products.
Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants
Cybersecurity professionals from Google’s threat hunting unit and the University of Toronto’s Citizen Lab are upping the pressure on mercenary hacking firms selling high-end surveillance spyware with fresh calls for the U.S. government to urgently clamp down on these businesses.
France Closes ‘Cookies’ Case Against Facebook
French privacy regulators on Thursday closed a case against Facebook after determining the US tech giant had changed the way it collected user data to comply with the law.
IBM Security: Cost of Data Breach Hitting All-Time Highs
A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher.
AWS Announces Enhancements to Cloud Security, Privacy, Compliance
Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements to its security offerings.
Security, privacy, compliance and identity
European Lawmaker Targeted With Cytrox Predator Surveillance Spyware
A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker and there are fresh reports linking the hack attempt to a known North Macedonia spyware vendor.
German Consumer Group Sues Tesla Over Privacy, Climate
A German consumer group on Tuesday said it had sued US electric vehicles manufacturer Tesla over data privacy concerns and claims that buying its cars reduces emissions.
Moussouris: U.S. Should Resist Urge to Match China Vuln Reporting Mandate
A prominent cybersecurity executive is calling on the U.S. government to resist the urge to match China’s reported mandates around early vulnerability disclosure, warning that such a move would “meaningfully and dramatically increase the risk” of zero-day flaws landing in the wrong hands.
New Deanonymization Attack Works on Major Browsers, Websites
Researchers with the New Jersey Institute of Technology have devised a new targeted deanonymization attack that relies on a cache side-channel and which they say is efficient on multiple architectures, operating systems, and browser versions, and works on major websites.
Researchers Say Thai Pro-Democracy Activists Hit by Spyware
Cybersecurity researchers reported details Monday of cases where Thai activists involved in the country’s pro-democracy protests had their cell phones or other devices infected and attacked with government-sponsored spyware.
