RSS Reader for Computer Security Articles
Categories: News Tags: Chrome Tags: Windows Tags: Edge Tags: browser Tags: update Tags: Microsoft Tags: default Tags: install We take a look at trouble brewing in browser land after a controversial Windows update leaves Chrome fans without a useful feature. |
The post Microsoft vs Google spat sees users rolling back security updates to fix browser issues appeared first on Malwarebytes Labs.
Read More
Credit to Author: Alanna Titterington| Date: Fri, 05 May 2023 10:57:32 +0000
In its February update, Microsoft appeared to finally bury Internet Explorer. However, we explain why it’s still too early to… crack open the champagne.
Read More
Credit to Author: BrianKrebs| Date: Fri, 21 Apr 2023 01:05:44 +0000
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
Read MoreCredit to Author: Microsoft Security Threat Intelligence| Date: Tue, 18 Apr 2023 15:00:00 +0000
Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.
The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog.
Read More
Credit to Author: Alanna Titterington| Date: Tue, 18 Apr 2023 12:44:25 +0000
A newly discovered serious vulnerability means Google Chrome, Microsoft Edge, Opera, Yandex Browser, Vivaldi and other Chromium-based browsers should be updated immediately
Read More
Microsoft has addressed 97 existing vulnerabilities this April Patch Tuesday, with a further eight previously released patches updated and re-released. There have been reports of a vulnerability (CVE-2023-28252) exploited in the wild, making it a “Patch Now” release.
This update cycle affects Windows desktops, Microsoft Office, and Adobe Reader. No updates for Microsoft Exchange this month. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this April update cycle.
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Apple Tags: Google Tags: Adobe Tags: Cisco Tags: SAP Tags: Mozilla Tags: CVE-2023-28252 Tags: CVE-2023-28231 Tags: CVE-2023-21554 Tags: Word Tags: Publisher Tags: Office One fixed vulnerability is being actively exploited by a ransomware gang and many others were fixed in this month’s Patch Tuesday updates. |
The post Update now! April’s Patch Tuesday includes a fix for one zero-day appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Microsoft Security Threat Intelligence| Date: Tue, 11 Apr 2023 16:00:00 +0000
Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s designed to exfiltrate data from mobile devices.
The post DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia appeared first on Microsoft Security Blog.
Read More