Google this week released security updates for Android to resolve numerous Critical remote code execution (RCE) and elevation of privilege (EoP) vulnerabilities in the platform.
read more
How to Reduce the Top Five Security Stressors
April is Stress Awareness Month. With the pace of constantly-evolving threats, budget battles and security apathy from users, it isn’t a stretch to imagine that stress is a part of the job in IT security.
read more
Researchers Disclose Unpatched Flaws in Schneider Electric PLCs
Researchers have disclosed the details of two vulnerabilities affecting some of Schneider Electric’s Modicon programmable logic controllers (PLCs) after the vendor failed to provide any status updates or feedback.
read more
Cyberspies Target Middle East With Windows, Android Malware
A cyberespionage group apparently not linked to any previously known threat actor has been using several Windows and Android malware families in attacks aimed at organizations in the Middle East.
read more
Flaws in Java AMF Libraries Allow Remote Code Execution
Deserialization-related vulnerabilities found in several Java implementations of AMF3 can be exploited for unauthenticated remote code execution and XXE attacks, warned CERT/CC.
read more
Wi-Fi Flaws Expose iPhone, Nexus Phones to Attacks
Vulnerabilities in Broadcom’s Wi-Fi system-on-chip (SoC) can be exploited to hijack iPhone, Nexus, Samsung and other smartphones without requiring any user interaction.
read more
Ecuador’s New President Warns Assange Not to ‘Meddle’
Ecuador's President-elect Lenin Moreno warned Julian Assange on Tuesday not to meddle in the country's politics, after the WikiLeaks founder taunted a rival candidate following his loss.
read more
New RAT Uses Popular Sites for Command and Control
A newly discovered remote administration tool (RAT) uses popular legitimate websites for its command and control (C&C) communication and for the exfiltration of data, Talos researchers say.
read more
NoMoreRansom Expands with New Decryptors, Partners
NoMoreRansom, a project launched in 2016 by Europol, the Dutch National Police, Kaspersky Lab and Intel Security (now once again McAfee) has published its latest progress report.
read more
Google Announces New Accounts Sign-in Rules
Google on Monday announced the rollout of a new Accounts sign-in page and of a series of updates to the policies that 3rd-party Single Sign-On (SSO) providers should comply with.
read more