Before accessing information about your company while working remotely, get approval and instructions first. It is always crucial to take security measures before accessing confidential and sensitive information from your company. When you're at home or on the go, your internet connection might not be as secure, providing hackers a chance to steal your data. Connect to a secure VPN ( Virtual Private Network ) connection provided by your company. 

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Never access work-related information on public computers. Regardless of whether you are in a café or the business center of a hotel, the computers in these public spaces might be infected with malicious malware or have other significant security flaws. Even when you're done using the computer, you could unintentionally leave behind sensitive or confidential data that can be accessed later by a stranger. If you need to work away from the office, only use your company-provided computer. 

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

If you suddenly stop receiving mail, it could be a warning sign of identity theft. One common tactic used by identity thieves is to file a change of address to divert your mail to themselves, allowing them to gather the information they need to steal your identity. To prevent this, regularly check your account settings for any suspicious activity and report it immediately.

Got questions? Submit a ticket at [PB8324.3] Data Security Support.

Avoid falling for social media impersonation frauds involving people you know. Be on the lookout for strange emails or posts from your friend's account might have they been hacked and the hacker may be using it to send messages to all of their contacts in an effort to swindle them out of money. You might receive a message, for instance, requesting that you send money right away to a friend. Call them to confirm that the message is genuine before you do anything, such as pay money or give personal information. 

Got questions? Submit a ticket at [PB8324.3] Data Security Support.
 

Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers who uncover potential threats specific to generative artificial intelligence (AI) systems. This initiative aims to enhance AI safety and security by addressing concerns like unfair bias, model manipulation, and data misinterpretations associated with generative AI. The program covers various categories, including prompt injections, data leakage from training datasets, model manipulation, adversarial attacks, and model theft.

In addition to this, Google has established an AI Red Team to combat AI system threats under its Secure AI Framework (SAIF). They are also working to reinforce the AI supply chain by participating in open-source security initiatives like Supply Chain Levels for Software Artifacts (SLSA) and Sigstore, which provide tools for software verification and identifying...

Binarly's recent findings reveal a security loophole in the Lighttpd web server utilized within baseboard management controllers (BMCs), left unaddressed by major device manufacturers like Intel and Lenovo. Originally discovered and patched by Lighttpd maintainers in August 2018, the absence of a CVE identifier or advisory led to its oversight by developers of AMI MegaRAC BMC, thus integrating it into Intel and Lenovo products.

Lighttpd, known for its speed, security, and efficiency, harbored an out-of-bounds read vulnerability silently fixed by Lighttpd maintainers, which could facilitate data exfiltration, including process memory addresses, undermining crucial security measures like ASLR.

Binarly emphasizes the detrimental impact of lacking prompt and critical security information, hindering effective handling of fixes along...

Google has delayed its plan to remove third-party tracking cookies from its Chrome browser amid ongoing concerns from U.K. regulators about its Privacy Sandbox initiative. The company is working closely with the U.K. Competition and Markets Authority (CMA) to address these issues and hopes to reach an agreement by the end of the year. 

The new timeline involves beginning the phase-out of third-party cookies early next year, marking the third postponement since the plan was announced in 2020. Privacy Sandbox offers privacy-focused alternatives to tracking cookies for personalized advertising. Although Google has introduced some features to a subset of Chrome users, the U.K. watchdogs monitor the implementation to ensure it benefits consumers and doesn't favor Google's advertising technology. 

Meanwhile, Apple and Mozilla...

Hey there! Are you ready to test your cybersecurity knowledge and earn some rewards? Take our November 2023 Cybersecurity Quiz and see how well you stack up against the latest threats and best practices.

We've crafted this quiz to challenge your security posture with 15 interactive questions. Answer at least 80% correctly, and you'll be awarded 300 DREAMPOINTS!

• Ensure you are logged in to Security Tips with your Cloudstaff Google account to access the quiz.
• Navigate to 'Quizzes' in the menu. 
• From there, select the 'November 2023 Cybersecurity Awareness Quiz' or simply click the following link: https://securitytips.cloudstaff.com/quizzes/view/100 

It's that easy!

Don't wait any longer to test your cybersecurity knowledge and earn rewards. Take our quiz now and see how much you know about protecting yourself and your...