Data breaches explained: Types, examples, and impact

Read Time:33 Second

What is a data breach?

A data breach is a security incident in which a malicious actor breaks through security measures to illicitly access data.  

Data about individuals—names, birthdates, financial information, social security numbers and driver’s license numbers, and more—lives in innumerable copies across untold numbers of servers at private companies, public agencies, and in the cloud. If someone who isn’t authorized to access personally identifiable information (PII) manages to get a look at it, that can have dire consequences both for the individual and for the organization that stored the data and was supposed to keep it safe.

To read this article in full, please click here

Read More

Cyberespionage groups increasingly target journalists and media organizations

Read Time:38 Second

Since early 2021 researchers have observed multiple attack campaigns by state-sponsored advanced persistent threat (APT) groups aimed at journalists and the media organizations they work for. The attacks targeted their work emails and social media accounts and often followed journalists’ coverage of stories that painted certain regimes in a bad light or were timed to sensitive political events in the U.S.

Journalists have always been an appealing target for spies due to the access they have to sensitive information and the trust that organizations and individuals generally place in them, which is why it’s imperative for members of the media to undergo online security training and be aware of the techniques used by state-linked hackers.

To read this article in full, please click here

Read More

Cyber Safety Review Board warns that Log4j event is an “endemic vulnerability”

Read Time:18 Second

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released the first report of the Cyber Safety Review Board (CSRB), formed in February as directed under President Biden’s May 2021 cybersecurity executive order. The public-private board comprises top cybersecurity personnel in the federal government and selected private sector information security professionals.

To read this article in full, please click here

Read More

python-ujson-5.4.0-1.el9

Read Time:28 Second

FEDORA-EPEL-2022-1026769ad3

Packages in this update:

python-ujson-5.4.0-1.el9

Update description:

Security fix for CVE-2022-31116 and CVE-2022-31117.

5.4.0

Added

Add support for arbitrary size integers

Fixed

CVE-2022-31116: Replace wchar_t string decoding implementation with a uint32_t-based one; fix handling of surrogates on decoding
CVE-2022-31117: Potential double free of buffer during string decoding
Fix memory leak on encoding errors when the buffer was resized
Integer parsing: always detect overflows
Fix handling of surrogates on encoding

Read More