NHS Warns of Hackers Targeting Log4j Flaws in VMware HorizonThe Hacker News

The digital security team at the U.K. National Health Service (NHS) has raised the alarm on active exploitation of Log4Shell vulnerabilities in unpatched VMware Horizon servers by an unknown threat actor to drop malicious web shells and establish persistence on affected networks for follow-on attacks. "The attack likely consists of a reconnaissance phase,...

Read more...

Facebook Launches ‘Privacy Center’ to Educate Users on Data Collection and Privacy OptionsThe Hacker News

Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps. "Privacy Center provides helpful information about five common...

Read more...

Cina, il caso del software che “spia” le opinioni dell’estero: ecco gli impatti per la democrazia digitaleFranco Pizzetti

Un articolo del Washington Post rivela che il public opinion analysis software della Cina, usato per vigilare sull'uso della rete entro i confini nazionali, dal 2020 sarebbe impiegato per raccogliere e conservare dati su obiettivi e pensieri stranieri: uno spunto per riflettere sul tema della democrazia nell'era digitale L'articolo Cina,...

Read more...

Log4Shell-like Critical RCE Flaw Discovered in H2 Database ConsoleThe Hacker News

Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j "Log4Shell" vulnerability that came to light last month. The issue, tracked as CVE-2021-42392, is the " first critical issue published since Log4Shell, on a component other than Log4j,...

Read more...