Blog

22Oct 2024 by

5 new protections on Google Messages to help keep you safe (Google Online Security Blog)

Actualités, Sécurité
Posted by Jan Jedrzejowicz, Director of Product, Android and Business Communications; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Stephan Somogyi, Product Lead, User Protection; Branden Archer, Software Engineer Every day, over a billion people use Google Messages to communicate. That’s why we’ve made security a top priority, building in powerful on-device, AI-powered filters and advanced security that protects users from 2 billion suspicious messages a month. With end-to-end encrypted1 RCS conversations, you can communicate privately with other Google Messages RCS users. And we’re not stopping there. We're committed to constantly developing new controls and features to make your conversations on Google Messages even more secure and private. As part of cybersecurity awareness month, we're sharing five new protections to help keep you safe while…
Read More
22Oct 2024 by

5 new protections on Google Messages to help keep you safe

Actualités
Posted by Jan Jedrzejowicz, Director of Product, Android and Business Communications; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Stephan Somogyi, Product Lead, User Protection; Branden Archer, Software Engineer Every day, over a billion people use Google Messages to communicate. That’s why we’ve made security a top priority, building in powerful on-device, AI-powered filters and advanced security that protects users from 2 billion suspicious messages a month. With end-to-end encrypted1 RCS conversations, you can communicate privately with other Google Messages RCS users. And we’re not stopping there. We're committed to constantly developing new controls and features to make your conversations on Google Messages even more secure and private. As part of cybersecurity awareness month, we're sharing five new protections to help keep you safe while…
Read More
22Oct 2024 by

Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks

Actualités
Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host," researchers Abdelrahman Esmail and Sunil Bharti said in a technical
Read More
22Oct 2024 by

Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers

Actualités
Details have emerged about a now-patched security flaw in Styra's Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology LAN Manager (NTLM) hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local user account to a remote server, potentially allowing the attacker to relay the authentication or
Read More
22Oct 2024 by

A Comprehensive Guide to Finding Service Accounts in Active Directory

Actualités
Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts within Active Directory (AD), and explore how Silverfort’s solutions can help enhance your
Read More
22Oct 2024 by

Malicious npm Packages Target Developers’ Ethereum Wallets with SSH Backdoor

Actualités
Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell (SSH) protocol. The packages attempt to "gain SSH access to the victim's machine by writing the attacker’s SSH public key in the root user’s authorized_keys file," software supply
Read More
22Oct 2024 by

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies

Actualités
Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts. Tracked under the names BlackWidow, IceNova, Lotus,
Read More