Cybersecurity News


Apple’s Device Location-Tracking System Could Expose User Identities

Apple’s Device Location-Tracking System Could Expose User Identities Researchers have identified two vulnerabilities in the company’s crowd-sourced Offline Finding technology that could jeopardize its promise of privacy.
09 March 2021

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs

Microsoft Patch Tuesday Updates Fix 14 Critical Bugs Microsoft's regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
09 March 2021

Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day

The monthly rollout follows last week's emergency Microsoft Exchange Server patch covering seven CVEs, four of which are under attack.
09 March 2021

Dark Web Markets for Stolen Data See Banner Sales

Dark Web Markets for Stolen Data See Banner Sales Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a familiar predicament — they need to lock down their growing businesses for […]
09 March 2021

Warning the World of a Ticking Time Bomb

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a "web shell" backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim's other computers. Researchers are now racing to identify, alert and help victims, and hopefully prevent further mayhem.
09 March 2021

Adobe Critical Code-Execution Flaws Plague Windows Users

Adobe Critical Code-Execution Flaws Plague Windows Users The critical flaws exist in Adobe Framemaker, Connect and the Creative Cloud desktop application for Windows.
09 March 2021

Linux Foundation Debuts Sigstore Project for Software Signing

Sigstore aims to improve the open source software supply chain by simplifying the process of cryptographic software signing.
09 March 2021

Adobe releases batch of security fixes for Framemaker, Creative Cloud, Connect

This month’s security release tackles a handful of vulnerabilities.
09 March 2021

Microsoft's March Patch Tuesday: Critical remote code execution flaws, IE zero-day fixed

The fixes follow an unscheduled emergency release for Microsoft Exchange Server.
09 March 2021

Dark Reading 'Name That Toon' Winner: Gather 'Round the Campfire

Dark Reading 'Name That Toon' Winner: Gather 'Round the Campfire And the winner of Dark Reading's February cartoon caption contest is ...
09 March 2021

48% of Security Pros Prohibited From Intelligence-Sharing

Some do so anyway, according to new Kaspersky research.
09 March 2021

COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns

The rapid launch of contract-tracing apps to control COVID-19's spread opened the door to multiple security and privacy vulnerabilities.
09 March 2021

Leaked Development Secrets a Major Issue for Repositories

Every day, more than 5,000 private keys, database connection strings, certificates, and passwords are leaked to GitHub repositories, putting applications at risk.
09 March 2021

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users.
09 March 2021

WhatsApp may soon roll out encrypted chat backups

While chats are end-to-end encrypted, their backups are not – this may change soon

The post WhatsApp may soon roll out encrypted chat backups appeared first on WeLiveSecurity

09 March 2021

Apple Plugs Severe WebKit Remote Code-Execution Hole

Apple Plugs Severe WebKit Remote Code-Execution Hole Apple pushed out security updates for a memory-corruption bug to devices running on iOS, macOS, watchOS and for Safari.
09 March 2021

Microsoft Pushes Patches for Older Versions of Exchange Server

Additional patches arrive as CISA issues an alert urging all organizations to immediately patch the Microsoft Exchange vulnerabilities.
09 March 2021

Look to Banking as a Model for Stopping Crime-as-a-Service

The first step toward prevention is understanding the six most common CaaS services.
09 March 2021

Malicious apps on Google Play dropped banking Trojans on user devices

The utility apps contained a previously-unknown dropper for financial malware.
09 March 2021

UnityMiner cryptocurrency malware hijacks QNAP storage devices

A remote code execution bug is to blame this time.
09 March 2021