Items tagged with security
It seems that cybersecurity concerns are once again on the rise, as just this week, we reported on the surge in ransomware attacks. Now, researchers at Qualys have published a privilege escalation vulnerability within snap-confine, a software packaging, and deployment system for Linux Kernel-based operating systems...
Read more...
A number of cybersecurity experts and teams have recently released reports going over cybersecurity data from 2021 and detailing the growing ransomware threat. We covered a report revealing which industries and countries were hit the most by ransomware, as well as a report that ransomware attacks doubled in...
Read more...
Passwords get compromised every day through devices, services, and operating systems. Microsoft's operating system, Windows, is no different. To help combat this, Microsoft's antivirus utility, Defender, is getting a new (and much welcomed) default policy setting.
Building on Microsoft's efforts in security as of...
Read more...
If you're using Google's Chrome browser your Windows PC, Linux system, or Mac computer, be sure you have the latest version installed (version 98.0.4758.102). That's because the latest update contains several security fixes, including an emergency patch for a zero-day vulnerability that Google says is being actively...
Read more...
Since it’s meteoric rise in early 2020, Zoom has repeatedly come under fire, whether for playing fast and loose with the definition of end-to-end encryption, sharing user data with Facebook undisclosed, installing a hidden web server on customers’ Macs, publishing then back-tracking a claim of 300 million daily active...
Read more...
Apple has had to deal with a spate of security related issues as of late. Recently, the company addressed some issues related to it AirTag products. Siri also had a bit of an overshare problem for a while there, and now Apple has has yet another security patch rollout to address a major exploit affecting three of its...
Read more...
HP, which maintains a threat analyst team, has released a post on its threat research blog detailing a tricky new malware campaign. Only a day after Microsoft announced that Windows 11 was entering its final phase of availability, becoming available for broad deployment on eligible devices, HP discovered that someone...
Read more...
A few days after the last security update for the Google Pixel 3 ever, Samsung has announced that select Galaxy devices get four generations of updates. With pre-orders now available for the Galaxy S22 series in full swing, this announcement steps all over Google's policy of up to three years of OS updates for its...
Read more...
ExpressVPN runs a bug bounty program through Bugcrowd for the purpose of improving security across the VPN company’s services and websites. The program has already had 22 successful bounty claimants, but ExpressVPN is now sweetening the pot in order to attract more white hat hackers.
ExpressVPN’s bounty program has...
Read more...
Google's flagship phone family sure has had its fair share of ups and downs. The Pixel 3 is no different. Today the down is that the device will receive its final security update. While having one of the best phone cameras at the time of release, it did not exactly sell like hotcakes, at least not right away. After...
Read more...
When folks talk about major security flaws like the Log4shell exploit in Log4j, or the Eternal Silence UPnP exploit, everyone tends to panic until they're resolved. That's because those bugs are remotely exploitable, meaning that they can be used to attack a system over the internet without placing the attacker in...
Read more...
The US Department of Justice (DOJ) announced it has seized an estimated $3.6 billion in stolen cryptocurrency. The seizure came along with the arrest of a married couple accused of laundering 119,754 bit coin in an elaborate scheme.
Headlines denoting hackers stealing cryptocurrency is not an uncommon occurrence...
Read more...
Back in May of last year, we reported on a new campaign by Google to increase user account security through a number of methods. As part of this campaign, Google announced its plans to drive people to use two-factor authentication (2FA), saying that users whose accounts are appropriately configured would begin to be...
Read more...
Since their beginning, macros in Office applications have been both a blessing and a curse for users and system administrators alike. The feature causes significant security woes due to many methods of exploitation in the macro system. Now Microsoft has stated that its popular productivity suite is getting extra...
Read more...
We reported a week ago on a security vulnerability in Windows that multiple publicly available exploits can leverage to gain elevated privileges. We advised readers to apply the patch for this vulnerability as soon as possible, and now the Cybersecurity and Infrastructure Security Agency (CISA) is ordering federal...
Read more...
A new Security Advisory from Cisco has outlined a huge number of security-related vulnerabilities and issues that have been patched in their latest firmware update. The security advisory says to run updates on the devices affected immediately.
The advisory, which was first published on February 2 and updated again...
Read more...
A cybersecurity firm just recently discovered a search engine optimization (SEO) poisoning campaign intended to dupe users into installing malware on their computers. The campaign works by leveraging various SEO techniques, such as cramming tons of keywords into the source code of various malicious webpages, in order...
Read more...
Intel has published its 2021 Product Security Report and in it the company suggests its processors are far less buggy than AMD's chips. The key section is on page 28 where Intel highlights having reported 16 CPU vulnerabilities last year, whereas AMD reported 31 CPU vulnerabilities in the same time period. What can we...
Read more...
A trojan known as UpdateAgent began infecting Mac computers back in September 2020, but this infection was relatively innocuous at the time, doing nothing other than collecting some basic system and device information and broadcasting its presence to the command-and-control (C2) server. However, Microsoft has been...
Read more...
In one of the largest DeFi hacks ever, a hacker is being offered a $10 million bug bounty for the return of stolen money. Wormhole, one of the biggest bridges between Solana and other blockchains, was hacked for approximately $324 million.
Cryptocurrency is one of the hottest assets going right now. So hot that...
Read more...
A team from Binarly, a firmware protection company, recently discovered several repeatable anomalies on twenty different enterprise machines in the course of a job for a midsize enterprise company. After looking further into these anomalies and digging all the way down into the disassembly code, the team found 23...
Read more...
If you fancy yourself an elite hacker, there could be an Intel event in your future. The chip maker announced it is expanding its bug bounty program with Project Circuit Breaker, which will provide capable hackers with opportunities to win prizes and swag by hunting for bugs in firmware, hypervisors, GPUs, chipsets...
Read more...
