#cybersecurity | #infosec | We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw

About two weeks ago alarm bells rang over a newly-discovered (and unpatched) flaw in Citrix servers. The vulnerability, technically dubbed CVE-2019-19781 but also known as “Shitrix”, was found to be present on Citrix Application Delivery Controller and Citrix Gateway servers (formerly known as Netscaler ADC and Netscaler Gateway respectively) commonly…

read more

#cybersecurity | #infosec | You want your photo removed from our facial recognition database? Just send us your photo and government-issued ID…

My hunch is that you wouldn’t be happy when you find out a company has been scooping up the personal photos you upload to Facebook or Twitter, and feeding them into its facial recognition database without your permission. But that’s precisely what a controversial firm you’ve probably never heard of…

read more

UN report alleges that Saudi crown prince hacked Jeff Bezos’s phone – Naked Security

A forensic examination of Amazon CEO Jeff Bezos’s mobile phone has pointed to it having allegedly been infected by personal-message-exfiltrating malware – likely NSO Group’s notorious Pegasus mobile spyware – that came from Saudi Arabia’s Crown Prince Mohammed bin Salman’s personal WhatsApp account. The United Nations backed up the allegation…

read more