News
Information Content Security
10 de maio de 2024
Selfie spoofing becomes popular identity document fraud technique
Document image-of-image was the most prevalent identity (ID) document fraud technique in 2023, occurring in 63% of all IDs that were rejected, according to Socure. Selfie spoofing and impersonations dominate document-related identity fraud Document image-of-image occurs when the user takes a photograph or uses a screenshot image of an ID, rather than providing a live capture of the document. Document headshot tampering takes place when a user purposefully manipulates facial imagery. And, selfie spoofing entails … More → The post Selfie spoofing becomes popular identity document fraud technique appeared first on Help Net Security.
9 de maio de 2024
Debian Security Advisory 5682-1
Debian Linux Security Advisory 5682-1 - Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vulnerability. A local attacker can take advantage of this flaw to cause a GDBus-based client to behave incorrectly, with an application-dependent impact.
8 de maio de 2024
Attackers may be using TunnelVision to snoop on users' VPN traffic (CVE-2024-3661)
Researchers have brought to light a new attack method - dubbed TunnelVision and uniquely identified as CVE-2024-3661 - that can be used to intercept and snoop on VPN users' traffic by attackers who are on the same local network. “This is particularly dangerous for people who rely on VPNs to keep them safe, such as journalists and political dissidents,” Leviathan Security researchers Dani Cronce and Lizzie Moratti explained. The attack is imperceptible to the regular … More → The post Attackers may be using TunnelVision to snoop on users' VPN traffic (CVE-2024-3661) appeared first on Help Net Security.
7 de maio de 2024
Abnormal extends Account Takeover Protection to cloud apps, introduces AI Security Mailbox
Abnormal Security is expanding its Account Takeover Protection product line beyond email to provide visibility into cross-platform user behavior and centralize compromised account detection and remediation across identity, collaboration, and cloud infrastructure applications. In addition, the company is launching AI Security Mailbox, which provides a new AI-powered coworker that promotes security awareness through real-time conversations between employees and an AI security analyst, while also automating the triage and remediation of user-reported emails. “As an AI-native … More → The post Abnormal extends Account Takeover Protection to cloud apps, introduces AI Security Mailbox appeared first on Help Net Security.
7 de maio de 2024
Detecting XFinity/Comcast DNS Spoofing, (Mon, May 6th)
ISPs have a history of intercepting DNS. Often, DNS interception is done as part of a "value add" feature to block access to known malicious websites. Sometimes, users are directed to advertisements if they attempt to access a site that doesn&#;x26;#;39;t exist. There are two common techniques how DNS spoofing/interception is done:
7 de maio de 2024
Novel TunnelVision Attack Against Impacts Virtually All VPN Apps Through DHCP Server Manipulation
The TunnelVision attack is a newly discovered method that can compromise the security of most Virtual Private Network (VPN) applications by diverting traffic away from the encrypted tunnel, exposing it to potential interception.