RSS Reader for Computer Security Articles
Credit to Author: Lily Hay Newman| Date: Tue, 18 Apr 2023 12:00:00 +0000
More than half of the enterprise routers researchers bought secondhand hadn’t been wiped, exposing sensitive info like login credentials and customer data.
Read More
Credit to Author: Andy Greenberg| Date: Mon, 17 Apr 2023 20:46:49 +0000
Three criminal cases detail China’s alleged attempts to extend its security forces’ influence online—and around the globe.
Read More
Credit to Author: Lily Hay Newman| Date: Mon, 17 Apr 2023 17:51:11 +0000
The discovery of malicious encryptors for Apple computers could herald new risks for macOS users if the malware continues to evolve.
Read MoreCredit to Author: Andrew Stevens| Date: Tue, 18 Apr 2023 00:00:00 +0000
Learn more about how cloud automation can simplify security controls, policies, and scans.
Read More
No matter what US President Joseph R. Biden Jr. said, NSO Group is still around; the privatized spying service produced zero-click exploits against iOS 15 and iOS 16 last year, according to the latest report from Citizen Lab.
It also suggests Lockdown Mode is effective against such attacks.
The report reflects what Citizen Lab learned from investigating attacks against Mexican human rights defenders. The researchers conclude that NSO Group, called “mercenary hackers” by Apple, has made wide use of at least three zero-click exploits in Apple’s iPhone operating systems against civil society targets worldwide. NSO Group is the infamous firm that created the Pegasus tool used to spy on people.
Credit to Author: Microsoft Security Threat Intelligence – Editor| Date: Tue, 18 Apr 2023 15:00:00 +0000
Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats is increasing, driving the need to reimagine not only how Microsoft talks about threats but also how we enable customers to understand those threats quickly and with clarity.
The post Microsoft shifts to a new threat actor naming taxonomy appeared first on Microsoft Security Blog.
Read MoreCredit to Author: Microsoft Security Threat Intelligence| Date: Tue, 18 Apr 2023 15:00:00 +0000
Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.
The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog.
Read More
Credit to Author: Alanna Titterington| Date: Tue, 18 Apr 2023 12:44:25 +0000
A newly discovered serious vulnerability means Google Chrome, Microsoft Edge, Opera, Yandex Browser, Vivaldi and other Chromium-based browsers should be updated immediately
Read More