Security
Researchers with Google’s Threat Analysis Group (TAG) and Project Zero discovered a zero-day exploit (CVE-2020-16009) last week. On Monday, Google released Chrome patch 86.0.4240.183 for Windows, macOS, and Linux that addresses the issue. The patch notes do not divulge details regarding the security hole other than saying it has to do with an “inappropriate implementation” […]
Technology has made our lives significantly easier. Thanks to the ubiquity of the internet and recent advances in mobile technology, you can shop and bank online anywhere, anytime. The days when you had to walk into a brick and mortar store to buy stuff or transact are long gone. But there’s a downside to all […]
Microsoft posted a new security advisory today (ADV200006), detailing what it’s calling “Type 1 Font Parsing Remote Code Execution Vulnerability.” They have given the vulnerability a “critical” severity rating, which is the highest severity rating Microsoft gives. The flaw seems to stem from the Adobe Type Manager Library and deals with how Windows handles fonts. […]
AMD processors released since 2013 are vulnerable to a pair of new side-channel attacks, “Collide + Probe” and “Load + Reload.” Both exploit weaknesses in AMD’s L1D cache way predictor, a tool that predicts where data is stored in the processor, to detect when that data is accessed. By combining the new exploits with existing […]
Security researchers have discovered a new security flaw on Intel CPUs that “jeopardizes” Intel’s root of trust. According to security researchers at Positive Technologies, the new vulnerability affects Intel CPUs released in the past five years. The vulnerability is within Intel’s Converged Security and Management Engine (CSME), a part of the chip that controls system […]
Facebook patched a critical WhatsApp vulnerability that would have allowed potential attackers to read files from a user’s local file system, on both macOS and Windows platforms. “A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading,” Facebook’s security advisory explains. “Exploiting the vulnerability requires the victim […]
As of today, anyone with a modern Android phone running 7.0 Nougat or later or iPhone iOS 10 or later can enroll in Advanced Protection using just their handset as the security key. You can get airtight security for your Google account without having to carry around a dedicated key fob just to sign in. […]
Microsoft is teaming up with Windows device manufacturers to tighten firmware security in a new initiative called Secure-Core PCs, which are built to defend against firmware-level attacks. These attacks, according to Microsoft, are becoming more common in recent years. This is largely due to the ever-improving security features built into operating systems and their “connected […]
Trend Micro recently found 85 adware-laden Android apps on the Google Play Store. According to the company, majority of the apps that were discovered were found to be disguised as photography and gaming apps and were downloaded over 8 million times. All the 85 adware-laden apps were removed from the Play Store soon after Trend […]
Apple is paying contractors to listen to recorded Siri conversations, according to a new report from The Guardian. A former contractor revealing that workers have heard accidental recordings of users’ personal lives, including doctor’s appointments, addresses, and even possible drug deals. According to that contractor, Siri interactions are sent to workers, who listen to the […]
QNAP, a Taiwan-based network-attached storage (NAS) vendor, warned its NAS customers to make sure they’re using strong passwords, have the latest version of its QTS firmware installed and are staying vigilant about their device’s security in response to Anomali’s disclosure of the eCh0raix Ransomware earlier this month. QNAP published a security advisory for its NAS […]
If you’ve been on any social medium in the last few days then you can’t have failed to notice it FaceApp is everywhere. Despite launching way back in January 2017, the app has suddenly received a new lease of viral life. But as quickly as it has appeared, the worries about what the company is […]
British bank Natwest is trialling the use of a new payment card with a built-in fingerprint scanner. The trial, which will include 200 customers when it begins in mid-April, will allow its participants to make payments called “contactless” in the UK without needing to input a PIN or offer a signature. The standard £30 limit […]
CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191. A suspicious activity was identified on September 12th, 2017, where we saw an unknown IP address receiving data from software found in version 5.33.6162 of CCleaner, and CCleaner Cloud version 1.07.3191, on 32-bit Windows systems. Based on further analysis, we found that the 5.33.6162 version of CCleaner […]
Security researchers have discovered a “vaccine” for the huge cyber-attack that hit organisations across the world on Tuesday 27 June 2017. A perfc solution But for those concerned about the attack there appears to be fix, albeit one with limited effectiveness. By creating a read-only file – named perfc – and placing it within a […]