Discord Finds Age Identification May Have Privacy Concerns

Discord Finds Age Identification May Have Privacy Concerns

Discord Drops Persona Age Verification, SolarWinds Serv-U Critical RCEs, Splunk Windows Priv Esc, and Smart TV Screenshot Surveillance Lawsuits

In this episode of Cybersecurity Today, host Jim Love covers Discord ending its age-verification experiment with Persona after user backlash and researcher findings that Persona's front-end code suggested up to 269 verification checks, including watch list screening and risk scoring, amid already-thin trust following an earlier breach that exposed government ID images. The show also highlights SolarWinds Serv-U 15.5.0.4 patches for four critical (CVSS 9.1) remote code execution vulnerabilities (CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, CVE-2025-40541), noting they require high privileges and that self-hosted Windows/Linux instances must be upgraded, with estimates ranging from under 1,200 to over 12,000 internet-exposed servers. Splunk discloses a high-severity Windows privilege escalation flaw (CVE-2025-2386, CVSS 8.0) caused by incorrect install-directory permissions in versions before 10.0.0.2, 9.4.0.6, 9.3.0.8, and 9.2.10, enabling local users to potentially escalate privileges and tamper with logging. Finally, Texas Attorney General Ken Paxton sues Samsung, Sony, LG, Hisense, and TCL, alleging smart TVs use automated content recognition to capture screen content—potentially up to twice per second—and transmit it without meaningful consent, with implications for both home viewing and confidential business use; the episode emphasizes reviewing and disabling ACR settings and accounting for network-connected screens in security models.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst

00:00 Sponsor Message Meter
00:20 Discord Age Verification Backlash
01:37 Persona Code Raises Alarms
03:08 SolarWinds Serv-U Critical RCEs
04:51 Splunk Windows Priv Esc
06:18 Smart TV Screenshot Surveillance
08:35 Wrap Up and Sponsor Thanks

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(100)

ShareFile explained, healthcare in critical cyber condition and click fix tops malware charts

ShareFile explained, healthcare in critical cyber condition and click fix tops malware charts

ShareFile emergency explained, a year of Salesforce breaches examined, healthcare cybersecurity in critical condition and click fix goes number one for malware.  David Shipley covers Progress Software...

15 Juli 13min

ShareFile shutdown, double-agent ransomware negotiator sentenced, Helix uses vishing

ShareFile shutdown, double-agent ransomware negotiator sentenced, Helix uses vishing

ShareFile shutdown order, a double-agent ransomware negotiator sentenced, and vishing crews raid SharePoint   Progress Software ordered customers running ShareFile Storage Zone Controllers to shut dow...

13 Juli 10min

AI Export Controls, FortiBleed, Third-Party Breaches & CISO Burnout | Cybersecurity Today Panel

AI Export Controls, FortiBleed, Third-Party Breaches & CISO Burnout | Cybersecurity Today Panel

Can governments decide who gets access to advanced AI models? Are third-party breaches becoming impossible to control? And why are so many CISOs reaching burnout? In this special Cybersecurity Today M...

11 Juli 1h 1min

A questionable breach, bad routers at home and at work and AI gives defenders a win

A questionable breach, bad routers at home and at work and AI gives defenders a win

This episode covers a hacker's claim of stealing 35GB from Accenture—including source code, Azure personal access tokens, RSA keys, and SSH keys—while Accenture calls it an isolated, remediated matter...

10 Juli 12min

Scattered Spider squashed, Rogue Agent AI flaw, 16 year-old Linux bug and new phish hunts marketers

Scattered Spider squashed, Rogue Agent AI flaw, 16 year-old Linux bug and new phish hunts marketers

Cybersecurity Today host David Shipley covers how a newly unsealed U.S. complaint tied an alleged Scattered Spider member to a luxury retailer intrusion using a persistent Windows device ID, with pros...

8 Juli 13min

AI-Run Ransomware, New Oracle Critical Flaw, NetNut busted

AI-Run Ransomware, New Oracle Critical Flaw, NetNut busted

AI-Run Ransomware, New Oracle 9.8 Flaw Exploited, NetNut Proxy Network Busted, and Pegasus Hits EU Spyware Investigator   This episode covers researchers' report of "Jade Puffer," the first ransomware...

6 Juli 14min

Teams battles bots, Bioshocking AI browser guardrails, Fortibleed fuels ransomware

Teams battles bots, Bioshocking AI browser guardrails, Fortibleed fuels ransomware

Teams cracks down on meeting bots, AI guardrails get bypassed, FortiBleed fuels ransomware, and Nissan confirms PeopleSoft breach   Microsoft rolls out a new Teams admin policy, "Manage External Bots ...

3 Juli 10min

US puts $10m bounty on Russian hackers, new phish hunts hotels, Supreme Court reins in geofencing

US puts $10m bounty on Russian hackers, new phish hunts hotels, Supreme Court reins in geofencing

US Puts $10M Bounty on Russian Hackers, Supreme Court Limits Geofence Warrants, New phishing campaign targets hotels, AI Coding Agents Tricked into Malware and Canada's Electronic Spies Go After Ranso...

1 Juli 11min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
p3-krim
tv4-nyheterna-story
aftonbladet-daily
flashback-forever
rss-vad-fan-hande
motiv
de-fyras-gang
rss-krimreportrarna
rss-krimstad
spar
rss-sanning-konsekvens
rss-frandfors-horna
rss-flodet
mannen-utan-spar
rss-aftonbladet-krim
kungligt
politiken
krimmagasinet