Latest Warnings – Computer Security Articles

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

March 22, 2023 admin A Little Sunshine, breachforums, bytedance, darknavy, data breaches, google, Latest Warnings, liu huafang, pdd holdings, pinduoduo, project zero, temu, TikTok, Web Fraud 2.0, weibo

Credit to Author: BrianKrebs| Date: Wed, 22 Mar 2023 23:11:08 +0000

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.

Independent Krebs

Microsoft Patch Tuesday, February 2023 Edition

February 14, 2023 admin cve-2023-21529, cve-2023-21706, cve-2023-21707, cve-2023-21715, cve-2023-21716, cve-2023-21823, cve-2023-23376, dustin childs, immersive labs, internet explorer 11, johannes ullrich, kevin breen, Latest Warnings, Mandiant, Microsoft Office, microsoft patch tuesday february 2023, sans internet storm center, Security Tools, Time to Patch, trend micro zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 14 Feb 2023 21:01:41 +0000

Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.

Independent Krebs

New T-Mobile Breach Affects 37 Million Accounts

January 19, 2023 admin 2023 t-mobile breach, data breaches, Latest Warnings, optus, t-mobile breach, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 20 Jan 2023 04:09:22 +0000

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Independent Krebs

Microsoft Patch Tuesday, January 2023 Edition

January 10, 2023 admin cve-2023-21563, cve-2023-21674, cve-2023-21678, cve-2023-21743, cve-2023-21745, cve-2023-21762, dustin childs, Latest Warnings, microsoft bitlocker, Satnam Narang, Security Tools, Tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 10 Jan 2023 22:28:55 +0000

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection.

Independent Krebs

Microsoft Patch Tuesday, December 2022 Edition

December 14, 2022 admin apple zero-day, cve-2022-41076, cve-2022-44698, cve-2022-44710, cve-2022-44713, Greg Wiseman, immersive labs, kevin breen, Latest Warnings, microsoft patch tuesday december 2022, Powershell, Rapid7, Security Tools, Sophos, Time to Patch, trend micro's zero day initiative, will dormann, windows

Credit to Author: BrianKrebs| Date: Wed, 14 Dec 2022 17:01:07 +0000

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday.

Independent Krebs

ConnectWise Quietly Patches Flaw That Helps Phishers

December 1, 2022 admin A Little Sunshine, connectwise, cybir, goto, ken pyle, lastpass, Latest Warnings, tarran street, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 01 Dec 2022 19:35:11 +0000

ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just days after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.

Independent Krebs

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

November 28, 2022 admin A Little Sunshine, arello-mobile, army times, constella intelligence, foreign adtech, intelligence authorization act for 2023, Latest Warnings, max konev, national training center, pincer trojan, pushwoosh, Reuters, The Coming Storm, u.s. army, yuri shmakov, zach edwards

Credit to Author: BrianKrebs| Date: Mon, 28 Nov 2022 22:08:21 +0000

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.

Independent Krebs

Microsoft Patch Tuesday, October 2022 Edition

October 11, 2022 admin caitlin condon, cve-2022-37968, cve-2022-41033, immersive labs, kevin breen, Latest Warnings, microsoft patch tuesday october 2022, Rapid7, Satnam Narang, Tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 11 Oct 2022 21:06:23 +0000

Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.

← Previous