Software maker Adobe on Tuesday shipped urgent security updates to fix code execution vulnerabilities in the widely deployed Illustrator and After Effects products.
Adobe Patches ‘Critical’ Security Flaws in Illustrator, After Effects
Researchers Devise Method to Decrypt Hive Ransomware-Encrypted Data
A group of academic researchers has found a way to exploit a security flaw in the encryption algorithm used by the Hive ransomware to recover hijacked and encrypted data.
FCC Chair Proposes New Policies for Carrier Data Breach Reporting
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.
Microsoft Spots Multiple Nation-State APTs Exploiting Log4j Flaw
If defenders needed any more urgency to patch and mitigate the explosive Log4j zero-day, along comes word that APT actors linked to China, Iran, North Korea and Turkey have already pounced and are actively exploiting the CVSS 10.0 vulnerability.
Google Says NSO Pegasus Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’
Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations.
GitHub Confirms Another Major NPM Security Defect
Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain.