[ad_1] The security hole isn’t difficult to use. It takes “about three seconds in practice,” according to Secura. Agencies have to install the patch no later than September 21st. While the alert is clearly aimed at federal officials, it also serves as a warning for private firms that depend on Windows servers and Active Directory. […]
Category: vulnerability
Google Drive flaw may let attackers fool you into installing malware
[ad_1] The approach could be used for spear phishing attacks that trick users into compromising their systems. You might get a notification of a document update and grab the file without realizing the threat. Nikoci said he notified Google about the issue, but that it was still unpatched as of August 22nd. We’ve asked Google […]
Microsoft is patching a dangerous Windows DNS Server exploit
[ad_1] Security researchers have discovered a serious flaw in Windows’ Domain Name System software that users must patch immediately. Sagi Tzaik from Check Point found a way to run malicious code which can be used to hijack websites, intercept emails, steal private information and take sites offline. Microsoft has already acknowledged the issue and has […]
‘Sign in with Apple’ flaw let attackers take over accounts
[ad_1] ‘Sign in with Apple’ is potentially more private than other login options, but it apparently included a serious security flaw. Researcher Bhavuk Jain recently received a $100,000 bug bounty for discovering (via Hacker News) a flaw in the sign-in service when available through third-party apps. If an app didn’t have its own security measures, […]
Qatar’s contact tracing app put over one million people’s info at risk
[ad_1] Qatar’s app, called EHTERAZ, uses GPS and Bluetooth to track COVID-19 cases, and last week, authorities made it mandatory. According to Amnesty, people who don’t use the app could face up to three years in prison and a fine of QR 200,000 (about $55,000). “This incident should act as a warning to governments around […]
The latest iOS jailbreak cracks virtually any iPhone
[ad_1] Apple’s efforts to discourage iOS jailbreaking have typically left enthusiasts waiting a while until code sleuths discover a flaw that lets them bypass safeguards and break some of the platform’s rules. Not this time around, though. The Unc0ver team has released (via TechCrunch) a jailbreak that works with every iPhone that runs iOS 11 […]
Multiple antivirus apps are vulnerable to common security flaws
[ad_1] Intruders would still need to download and run the necessary code before launching a symlink race, so this is more of a tool to facilitate an existing breach than start it. Researchers also noted that most of the vendors (including AVG, F-Secure, McAfee and Symantec) have fixed the bugs, some of them quietly. This […]
Apple said it found ‘no evidence’ that Mail users were hacked
[ad_1] ZecOps originally said that it found its evidence through digital clues left behind in iOS, adding that it couldn’t obtain proof in the form of messages as they had been deleted from targets’ phones. In a response to Apple’s statement, the company reiterated its stance that it had seen “triggers in-the-wild” for the exploit […]
Apple Mail for iPhone may be vulnerable to malware attacks
[ad_1] The problem, though, is that evidence is relatively difficult to find. ZecOps found its evidence through hints in iOS, and couldn’t obtain the malware as the messages had already been deleted. Jamf Software security researcher Patrick Wardle also told the WSJ that the evidence of ongoing attacks was “compelling,” but not authoritative. We’ve asked […]
Safari flaw let intruders hijack cameras on iPhones and Macs
[ad_1] If you're working on a Mac at home or reconnecting with friends on an iPhone, you'll want to be sure you have the latest security updates. Security researcher Ryan Pickren has detailed recently patched Safari vulnerabilities that allowed int… [ad_2] Source link