π΄ Apple (Finally) Removes MacOS App Caught Stealing User Browser Histories π΄
π Read
via "Dark Reading: ".
The fact that the app likely has been exfiltrating data for years is "rather f#@&'d" up, says the security researcher who reported the issue to Apple one month ago.π Read
via "Dark Reading: ".
Dark Reading
Apple (Finally) Removes MacOS App Caught Stealing User Browser Histories
The fact that the app likely has been exfiltrating data for years is rather f#@&'d up, says the security researcher who reported the issue to Apple one month ago.
β βDomestic Kittenβ Mobile Spyware Campaign Aims at Iranian Targets β
π Read
via "The first stop for security news | Threatpost ".
Spreading via fake Android apps, the malware lifts a range of sensitive information from victims' devices.π Read
via "The first stop for security news | Threatpost ".
Threat Post
βDomestic Kittenβ Mobile Spyware Campaign Aims at Iranian Targets
Spreading via fake Android apps, the malware lifts a range of sensitive information from victimsβ devices.
π΄ Foreshadow, SGX & the Failure of Trusted Execution π΄
π Read
via "Dark Reading: ".
Trusted execution environments are said to provide a hardware-protected enclave that runs software and cannot be accessed externally, but recent developments show they fall far short.π Read
via "Dark Reading: ".
Darkreading
Foreshadow, SGX & the Failure of Trusted Execution
Trusted execution environments are said to provide a hardware-protected enclave that runs software and cannot be accessed externally, but recent developments show they fall far short.
β’ Standard to protect against BGP hijack attacks gets first official draft β’
π Read
via "Latest topics for ZDNet in Security".
NIST and DHS project publishes first draft of new BGP Route Origin Validation (ROV) standard that will help ISPs and cloud providers protect against BGP hijack attacks.π Read
via "Latest topics for ZDNet in Security".
ZDNet
Standard to protect against BGP hijack attacks gets first official draft
NIST and DHS project publishes first draft of new BGP Route Origin Validation (ROV) standard that will help ISPs and cloud providers protect against BGP hijack attacks.
β’ Australia's anti-encryption law will merely relocate the backdoors: Expert β’
π Read
via "Latest topics for ZDNet in Security".
If the Assistance and Access Bill becomes law as it stands, it could affect 'every website that is accessible from Australia' with relatively few constraints in the government's powers.π Read
via "Latest topics for ZDNet in Security".
ZDNet
Australia's anti-encryption law will merely relocate the backdoors: Expert
If the Assistance and Access Bill becomes law as it stands, it could affect 'every website that is accessible from Australia' with relatively few constraints in the government's powers.
β’ Popular VPNs contain code execution security flaws, despite patches β’
π Read
via "Latest topics for ZDNet in Security".
ProtonVPN and NordVPN contain severe bugs which impact Windows users and threaten their privacy.π Read
via "Latest topics for ZDNet in Security".
ZDNet
Popular VPNs contained code execution security flaws, despite patches
Updated: Patches applied to a vulnerability in ProtonVPN and NordVPN builds led to the discovery of separate bugs which had to be resolved quickly in recent updates.
β Monday review β the hot 24 stories of the week β
π Read
via "Naked Security".
From Google buying Mastercard card records and Google warning users of FBI snooping to Chrome making it harder to use Flash, and more!π Read
via "Naked Security".
Naked Security
Monday review β the hot 24 stories of the week
From Google buying Mastercard card records and Google warning users of FBI snooping to Chrome making it harder to use Flash, and more!
β’ Mirai, Gafgyt IoT botnets stab systems with Apache Struts, SonicWall exploits β’
π Read
via "Latest topics for ZDNet in Security".
The IoT botnets are back with a new arsenal containing a vast array of vulnerabilities.π Read
via "Latest topics for ZDNet in Security".
ZDNet
Mirai, Gafgyt IoT botnets stab systems with Apache Struts, SonicWall exploits | ZDNet
The IoT botnets are back with a new arsenal containing a vast array of vulnerabilities.
β βOnly paper ballots by 2020!β call experts after election tampering β
π Read
via "Naked Security".
The National Academy of Sciences says the US election system uses insecure technology and is fighting off attempts to destabilize it.π Read
via "Naked Security".
Naked Security
βOnly paper ballots by 2020!β call experts after election tampering
The National Academy of Sciences says the US election system uses insecure technology and is fighting off attempts to destabilize it.
β Google Chrome will now generate unique passwords for you β
π Read
via "Naked Security".
Chrome will now generate a unique password for users as a part of the everyday credential creation process.π Read
via "Naked Security".
Naked Security
Google Chrome will now generate unique passwords for you
Chrome will now generate a unique password for users as a part of the everyday credential creation process.
β’ How to spot a fake ICO (in pictures) β’
π Read
via "Latest topics for ZDNet in Security".
Initial Coin Offerings (ICOs) are part of the cryptocurrency Wild West, but how do you know what is fraudulent and what is legitimate?π Read
via "Latest topics for ZDNet in Security".
ZDNet
How to spot a fake ICO (in pictures) | ZDNet
Initial Coin Offerings (ICOs) are part of the cryptocurrency Wild West, but how do you know what is fraudulent and what is legitimate?
β’ These are the warning signs of a fraudulent ICO β’
π Read
via "Latest topics for ZDNet in Security".
Initial Coin Offerings (ICOs) are part of the cryptocurrency Wild West, but how do you know what is fake and what is legitimate?π Read
via "Latest topics for ZDNet in Security".
ZDNet
These are the warning signs of a fraudulent ICO | ZDNet
Initial Coin Offerings (ICOs) are part of the cryptocurrency Wild West, but how do you know what is fake and what is legitimate?
β’ Researcher finds new malware persistence method leveraging Microsoft UWP apps β’
π Read
via "Latest topics for ZDNet in Security".
New malware persistence method works only on Windows 10 and abuses built-in UWP apps like the Cortana and People apps.π Read
via "Latest topics for ZDNet in Security".
ZDNET
Researcher finds new malware persistence method leveraging Microsoft UWP apps
New malware persistence method works only on Windows 10 and abuses built-in UWP apps like the Cortana and People apps.
β North Korean programmer charged for Sony, WannaCry attacks and more β
π Read
via "Naked Security".
Park Jin Hyok is allegedly with Lazarus Group, a hacking team connected to attacks on a wide array of industries and public utilities.π Read
via "Naked Security".
Naked Security
North Korean programmer charged for Sony, WannaCry attacks and more
Park Jin Hyok is allegedly with Lazarus Group, a hacking team connected to attacks on a wide array of industries and public utilities.
β Supermicro servers fixed after insecure firmware updating discovered β
π Read
via "Naked Security".
Researchers have sounded a warning about the security of Baseboard Management Controllers (BMCs) - a critical component that datacentres depend on to manage servers.π Read
via "Naked Security".
Naked Security
Supermicro servers fixed after insecure firmware updating discovered
Researchers have sounded a warning about the security of Baseboard Management Controllers (BMCs) β a critical component that datacentres depend on to manage servers.
β Appleβs new tool will make it easier for law enforcement to request data β
π Read
via "Naked Security".
Apple is planning to create an online portal that will allow law enforcement officials around the world to request information about its users more easily.π Read
via "Naked Security".
Naked Security
Appleβs new tool will make it easier for law enforcement to request data
Apple is planning to create an online portal that will allow law enforcement officials around the world to request information about its users more easily.
π The secret to successful cybersecurity programs? Training and automation π
via "Security on TechRepublic".
Cybersecurity programs have drastically improved since 2017, according to a recent DomainTools survey. Here's how you can improve your cybersecurity GPA.
π Readvia "Security on TechRepublic".
TechRepublic
The secret to successful cybersecurity programs? Training and automation
Cybersecurity programs have drastically improved since 2017, according to a recent DomainTools survey. Here's how you can improve your cybersecurity GPA.
β’ LuckyMouse uses malicious NDISProxy Windows driver to target gov't entities β’
π Read
via "Latest topics for ZDNet in Security".
The hacking group is covertly infecting Windows machines with Trojans by way of stolen certificates belonging to a Chinese security company.π Read
via "Latest topics for ZDNet in Security".
ZDNet
LuckyMouse uses malicious NDISProxy Windows driver to target gov't entities | ZDNet
The hacking group is covertly infecting Windows machines with Trojans by way of stolen certificates belonging to a Chinese security company.
β’ Exploit vendor drops Tor Browser zero-day on Twitter β’
π Read
via "Latest topics for ZDNet in Security".
A company that sells exploits to government agencies drops Tor Browser zero-day on Twitter after recent Tor Browser update renders exploit less valuable.π Read
via "Latest topics for ZDNet in Security".
ZDNET
Exploit vendor drops Tor Browser zero-day on Twitter
A company that sells exploits to government agencies drops Tor Browser zero-day on Twitter after recent Tor Browser update renders exploit less valuable.
β’ iPhone XS: The one reason I won't buy in β’
π Read
via "Latest topics for ZDNet in Security".
One of the most highly touted breakthroughs of the iPhone X--and soon to be the iPhone XS--is also its biggest drawback in usability and productivity.π Read
via "Latest topics for ZDNet in Security".
ZDNet
iPhone XS: The one reason I won't buy in | ZDNet
One of the most highly touted breakthroughs of the iPhone X -- and soon to be the iPhone XS -- is also its biggest drawback in usability and productivity.
β Mirai, Gafgyt Botnets Return to Target Infamous Apache Struts, SonicWall Flaws β
π Read
via "The first stop for security news | Threatpost ".
By implementing the "Equifax bug," it's the first known time a Mirai IoT botnet variant has targeted an Apache Struts vulnerability.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Mirai, Gafgyt Botnets Return to Target Infamous Apache Struts, SonicWall Flaws
By implementing the βEquifax bug,β itβs the first known time a Mirai IoT botnet variant has targeted an Apache Struts vulnerability.