7 Infamous Moments in Adobe Flash's Security HistoryEnd-of-life is here: Adobe's support for Flash is gone as of Jan. 1. Here's what we won't miss about the multimedia software platform.
Zero-Click Apple Zero-Day Uncovered in Pegasus Spy AttackThe phones of 36 journalists were infected by four APTs, possibly linked to Saudi Arabia or the UAE.
Simplifying Proactive Defense With Threat PlaybooksFortinet's Derek Manky talks about how threat playbooks can equip defense teams with the tools they need to fight back against evolving attacker TTPs.
Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card DataUnderground marketplace pricing on RDP server access, compromised payment card data and DDoS-For-Hire services are surging.
Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client TakeoversThe bugs rate 10 out of 10 on the vulnerability-severity scale, thanks to the ease of exploitation.
Hacker Dumps Crypto Wallet Customer Data; Active Attacks FollowCustomer data from a June attack against cryptocurrency wallet firm Ledger is now public and actively being used in attacks.
Cybersecurity Advent calendar: Stay aware, stay safe!
When it comes to holiday gifts, surprise and wonder are always welcome. When it comes to protecting your security, however, you don’t want to leave anything to chance.
The post Cybersecurity Advent calendar: Stay aware, stay safe! appeared first on WeLiveSecurity
We Have a National Cybersecurity Emergency -- Here's How We Can RespondLet's prioritize bipartisan strategic actions that can ensure our national security and strengthen the economy. Here are five ideas for how to do that.
A second hacking group has targeted SolarWinds systemsSome SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack.
Telemed Poll Uncovers Biggest Risks and Best PracticesWhat are the riskiest links in the virtual healthcare chain? Threatpost readers weigh in as part of an exclusive telemed poll.
Zero-click iOS zero-day found deployed against Al Jazeera employeesZero-day exploited a vulnerability in the iMessages app, patched in iOS 14.
iPhones vulnerable to hacking tool for months, researchers say
Analysis: NSO Group’s Pegasus spyware could allegedly track locations and access passwords
For almost a year, spyware sold by Israel’s NSO Group was allegedly armed with a computer security super-weapon: a zero-footprint, zero-click, zero-day exploit that used a vulnerability in iMessage to seize control of an iPhone at the push of a button.
That means it would have left no visible trace of being placed on target’s phones, could be installed by simply sending a message that the victim didn’t even need to click on, and worked even on phones that were running the then-latest version of iOS, the operating system for iPhones.Continue reading...