Security Awareness Archives - Page 4 of 15

January 8, 2025

Bug in macOS, Gatekeeper’s security can be bypassed by malware.

The macOS operating system was recently patched for a security vulnerability that could be exploited by a threat actor to bypass “myriad foundational macOS security mechanisms” and run arbitrary code. Patrick Wardle described the discovery in a series of tweets on Thursday. According to CVE-2021-30853 (CVSS 5.5), the issue involves a scenario where a rogue…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security, Security Awareness, Threat Intelligence

#bug, #cyber-crime-news, #cybercrimenews, #macos, #malware, #tech, #vulnerability
January 8, 2025

Azure App Service Exposed Hundreds of Source Code Repositories after four years.

A security flaw has been discovered in Microsoft’s Azure App Service that exposed source code for customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. According to Wiz researchers, the vulnerability, codenamed “Not Legit,” was first reported to the tech giant on October 7, 2021, and…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security, Security Awareness, Threat Intelligence

#azure, #ccas, #cyber-crime-news, #cybercrimeawareness, #flaw, #microsoft, #tech, #vulnerability
January 8, 2025

ON Log4j Vulnerability CISA, FBI, and NSA publish a joint advisory.

The Australian, Canadian, New Zealand, U.S., and U.K. cyber security agencies released a joint advisory on Wednesday in response to the widespread exploitation of multiple vulnerabilities in Apache’s Log4j software library by malicious actors. “These vulnerabilities, especially Log4Shell, are severe,” the intelligence agencies stated in the new guidance. Cyber threat actors are actively scanning networks…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#apache, #ccas, #cyber-crime-news, #cyberalerts, #log4j, #malicious, #tech, #vulnerability
January 8, 2025

Bugs in Active Directory could allow hackers to take over Windows domain controllers.

Following the availability of a proof-of-concept (POC) tool on December 12, Microsoft is urging customers to patch two security vulnerabilities in Active Directory domain controllers that it addressed in November. The two vulnerabilities are identified as CVE-2021-42278 and CVE-2021-42287. They both affect Active Directory Domain Services (AD DS) and have a severity rating of 7.5.…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#bugs, #ccas, #cyber-crime-news, #cybercrimenews, #hack, #microsoft, #tech, #vulnerability, #windows
January 8, 2025

Chinese government suspends the Alibaba deal because it did not share the 0-day of Log4j with the government.

The Ministry of Industry and Information Technology (MIIT) of China temporarily suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of the world’s largest e-commerce company, for six months after the company failed to promptly notify the government about a critical security vulnerability affecting the widely used Log4j logging library. Reports from 21st Century…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#china, #cyber-crime-news, #cybercrimenews, #log4j, #suspend, #tech, #vulnerability
January 8, 2025

CCG-NLUD’s Statement on International Cooperation to the Fifth Session of the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communication Technologies for Criminal Purposes

Sukanya Thapliyal As an accredited stakeholder to the United Nations Ad-hoc Committee, tasked to elaborate a comprehensive international convention on countering the use of information and communications technologies (ICTs) for criminal purposes (“the Ad Hoc Committee”), CCG-NLUD recently participated in the Fifth Session of this key process setting the stage for first universal and legally…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#cyber-crime, #cyber-norms, #international-law, #internet-governance, #multistakeholderism, #tech, #un-ad-hoc-committee, #uncategorized, #united-nations
January 8, 2025

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Week I of the Fifth Substantive Session.

By Sukanya Thapliyal Introduction Last month from April 11-21, 2023, the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies (ICTs) for Criminal Purpose held its Fifth Session in Vienna. As we reported earlier, the negotiating process has reached a pivotal stage, wherein the Member Countries…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#cyber-crime, #cyber-norms, #international-law, #internet-governance, #multistakeholderism, #tech, #un-ad-hoc-committee, #united-nations
January 8, 2025

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Week II of the Fifth Substantive Session

Sukanya Thapliyal In Part I of the two-part blog series, we briefed our readers on the developments that took place in the first week of the Fifth Session of the Ad-Hoc Committee. In Part II of the series, we aim to capture the key discussion on provisions on (i) technical assistance, (ii) preventative measures, (iii)…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#cyber-crime, #international-law, #multistakeholderism, #online-safety, #tech, #un-ad-hoc-committee, #united-nations
January 8, 2025

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Fourth Substantive Session

Sukanya Thapliyal Last month, the Centre for Communication Governance at National Law University Delhi had the opportunity to participate as a stakeholder in the Fourth Session of the United Nations Ad-hoc Committee, tasked to elaborate a comprehensive international convention on countering the use of information and communications technologies (ICTs) for criminal purposes (“the Ad Hoc…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#ad-hoc-commitee, #cyber-crime, #cyber-norms, #international-law, #international-negotiation, #tech
January 8, 2025

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Fourth Substantive Session (Part II)

Sukanya Thapliyal Introduction In Part I of this two-part blog series, we provided our readers a brief overview and observations from the discussions pertaining to the second reading of the provisions on criminalisation of offences under the proposed convention during the Fourth Session of the Ad-hoc Committee. In Part II of the series, we will…

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security Awareness, Threat Intelligence

#ad-hoc-commitee, #cyber-crime, #cyber-diplomacy, #cyber-norms, #international-law, #multistakeholderism, #online-extremism

Alireza Gharib Blog

Category: Security Awareness

Bug in macOS, Gatekeeper’s security can be bypassed by malware.

Azure App Service Exposed Hundreds of Source Code Repositories after four years.

ON Log4j Vulnerability CISA, FBI, and NSA publish a joint advisory.

Bugs in Active Directory could allow hackers to take over Windows domain controllers.

Chinese government suspends the Alibaba deal because it did not share the 0-day of Log4j with the government.

CCG-NLUD’s Statement on International Cooperation to the Fifth Session of the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communication Technologies for Criminal Purposes

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Week I of the Fifth Substantive Session.

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Week II of the Fifth Substantive Session

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Fourth Substantive Session

The United Nations Ad-hoc Committee for Development of an International Cybercrime Convention: Overview and Key Observations from Fourth Substantive Session (Part II)