Sometimes, we need to escape the reality of the real world and detach from reality. In this world centered around technology, fewer people are relaxing by candlelight with a good book, and more are choosing to substitute the physical world by bringing in elements from augmented reality. Unfortunately, the privacy issues we face in the real world from companies are still present in augmented reality.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A couple of real nasty Open Source issues in the past week. The first and most recent is Ghostscript. Could well be a lot of SaaS products affected.

Read Also: Four cybercrime ring members arrested for hacking government websites, teen gets one year in prison for hacking teacher’s laptop, and more.

For both white-hat and black-hat operators, the infamous “RockYou” lists have been a staple of the cyber-security landscape for well over a decade. They are lists of passwords, compiled and repeatedly expanded upon with data leaked over the years to form, in its most recent iteration, a list of approximately 10 billion plain-text passwords.

DDI Central takes a giant leap forward in simplifying network management for IT infrastructures housing Microsoft DNS and DHCP servers. This is a significant milestone for the platform, as it brings unparalleled convenience and efficiency to Microsoft Windows Server users all over the globe, enabling seamless integration and robust control over their distributed Microsoft network infrastructure.

Effective identity and access management (IAM) is crucial to both data security and regulatory compliance. Closely governing identities and their access rights is vital to ensuring that each individual has access to only the business systems, applications and data that they need to perform their roles. IAM reduces the risk of accidental data exposure or deletion by account owners, while also limiting the damage that could be done by a malicious actor who compromises a user account.

In 2023, Amazon Prime Day totaled $12.9 billion in sales in only 48 hours. With limited-time deals, many Amazon users get ready to shop during Prime Day and scammers use this to their advantage. As you get ready to shop, it’s important to be aware of the scams that take place before, during and after this event. Some common scams to look out for during Amazon Prime Day include phishing scams, spoofed Amazon websites and deals from other websites that seem too good to be true.

Strong passwords are more important than ever in 2024 because they are the first line of defense against cyber attacks. While some companies have started to introduce passkeys to strengthen and expedite the login process, strong passwords are still needed when creating most accounts. A passkey replaces a username and password and has built-in Multi-Factor Authentication (MFA) by design. Strong passwords have been the foundation of any account, and in 2024, they will remain important.

On July 8th, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI) along with several international partners issued an urgent advisory outlining a People’s Republic of China (PRC) state-sponsored cyber group targeting Australian and U.S. enterprises.