[ad_1] The security hole isn’t difficult to use. It takes “about three seconds in practice,” according to Secura. Agencies have to install the patch no later than September 21st. While the alert is clearly aimed at federal officials, it also serves as a warning for private firms that depend on Windows servers and Active Directory. […]
Category: exploit
Zoom fixed a vanity URL issue that could have led to phishing attacks
[ad_1] Zoom says it has fixed a security issue that would have let hackers manipulate organizations’ custom URLs for the service and send legitimate-seeming meeting invitations. If a victim accepted the invitation and attended the meeting, the phony caller may have been able to inject malware into their device or carry out a phishing attack. […]
Nintendo says 140,000 more NNID accounts have been illegally accessed
[ad_1] Nintendo shut down NNID logins back in April after it discovered hackers had compromised some 160,000 accounts using legacy credentials. Now, the company says that figure was more like 300,000. In a Japanese language statement posted today, Nintendo says that in continuing the investigation, it found “approximately 140,000 additional NNIDs that may have been […]
‘Sign in with Apple’ flaw let attackers take over accounts
[ad_1] ‘Sign in with Apple’ is potentially more private than other login options, but it apparently included a serious security flaw. Researcher Bhavuk Jain recently received a $100,000 bug bounty for discovering (via Hacker News) a flaw in the sign-in service when available through third-party apps. If an app didn’t have its own security measures, […]
The latest iOS jailbreak cracks virtually any iPhone
[ad_1] Apple’s efforts to discourage iOS jailbreaking have typically left enthusiasts waiting a while until code sleuths discover a flaw that lets them bypass safeguards and break some of the platform’s rules. Not this time around, though. The Unc0ver team has released (via TechCrunch) a jailbreak that works with every iPhone that runs iOS 11 […]
Thunderbolt port flaw lets hackers steal your data
[ad_1] However, Ruytenberg’s attack method could get around even those settings by changing the firmware that controls the Thunderbolt port, allowing any device to access it. What’s more, the hack leaves no trace, so the user would never know their PC was altered. If you intend to use Thunderbolt connectivity, we strongly recommend to: Connect […]
Multiple antivirus apps are vulnerable to common security flaws
[ad_1] Intruders would still need to download and run the necessary code before launching a symlink race, so this is more of a tool to facilitate an existing breach than start it. Researchers also noted that most of the vendors (including AVG, F-Secure, McAfee and Symantec) have fixed the bugs, some of them quietly. This […]
Apple Mail for iPhone may be vulnerable to malware attacks
[ad_1] The problem, though, is that evidence is relatively difficult to find. ZecOps found its evidence through hints in iOS, and couldn’t obtain the malware as the messages had already been deleted. Jamf Software security researcher Patrick Wardle also told the WSJ that the evidence of ongoing attacks was “compelling,” but not authoritative. We’ve asked […]
Safari flaw let intruders hijack cameras on iPhones and Macs
[ad_1] If you're working on a Mac at home or reconnecting with friends on an iPhone, you'll want to be sure you have the latest security updates. Security researcher Ryan Pickren has detailed recently patched Safari vulnerabilities that allowed int… [ad_2] Source link
Chinese digital spying is becoming more aggressive, researchers say
[ad_1] Cisco and Citrix both told Reuters that they have patched the vulnerabilities that were being exploited by APT41. Citrix is also coordinating with FireEye to find “potential compromises.” Reuters reached out to Dell Technologies’ cybersecurity arm, Secureworks, which stated that the company has also seen increased activity from Chinese hackers “over the last few […]