News aggregator

Internet giants unite to stop warrantless snooping on web histories

Sophos - Naked Security - Tue, 26/05/2020 - 13:01
7 internet giants, including Mozilla, Reddit and Twitter, asked the House to do what the Senate narrowly missed doing: protect browsing history.

Docker Desktop danger discovered, patch now

Sophos - Naked Security - Tue, 26/05/2020 - 11:56
Docker has fixed a vulnerability that could have allowed an attacker to gain control of a Windows system using its service.

New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps

THN - Tue, 26/05/2020 - 11:40
Remember Strandhogg? A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information. Late last year, at the time of its public disclosure, researchers also confirmed that some attackers were already exploiting the flaw in the

New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data

THN - Tue, 26/05/2020 - 06:48
Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data. "ComRAT v4 was first seen in 2017 and known still to be in use as recently as January 2020," cybersecurity firm ESET said in a report shared with

What is the dark web? Your questions answered, in plain English

Sophos - Naked Security - Mon, 25/05/2020 - 07:06
Watch this new video from our YouTube channel - the dark web explained without jargon or judgment.

Monday review – the hot 16 stories of the week

Sophos - Naked Security - Mon, 25/05/2020 - 06:04
From virtual machine ransomware to changes in Signal secure messaging - and everything in between. It's your weekly roundup time.

New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug

THN - Mon, 25/05/2020 - 05:02
The hacking team behind the "unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver's lead developer Pwn20wnd said "every other jailbreak released since iOS 9 used 1day exploits that were either patched in the next

The ransomware that attacks you from inside a virtual machine

Sophos - Naked Security - Fri, 22/05/2020 - 13:07
In a recent attack, Ragnar Locker ransomware was seen encrypting victim's files while shielded from security software inside a virtual machine.

Signal secure messaging can now identify you without a phone number

Sophos - Naked Security - Fri, 22/05/2020 - 13:00
Signal decouples its secure messaging service from your phone number - a bit.

Apple and Google launch COVID-19 contact tracing API

Sophos - Naked Security - Fri, 22/05/2020 - 09:39
The first phase of Apple and Google's contact tracing framework allows public health authorities across the world to connect their apps with data that could help them identify people at risk from coronavirus.

Adobe “out of band” critical patch – get your update now!

Sophos - Naked Security - Thu, 21/05/2020 - 10:42
Looks as though at least one of these patches was supposed to come out a week ago but ended up delayed until now...

Scammers target COVID-19 CARES Act relief scheme

Sophos - Naked Security - Thu, 21/05/2020 - 10:07
US states are being flooded by fraudulent unemployment applications in a scam run by a sophisticated cybergang.

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19

THN - Thu, 21/05/2020 - 08:34
The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible cybersecurity. Tools for Collaboration There has been a

Chrome 83 adds DNS-over-HTTPS support and privacy tweaks

Sophos - Naked Security - Thu, 21/05/2020 - 08:20
This week sees the early arrival of Chrome 83 with a longer list of new security features than originally planned.

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia

THN - Thu, 21/05/2020 - 05:11
Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. Bitdefender said the intelligence-gathering operations were conducted by Chafer APT (also known as APT39 or Remix Kitten), a threat actor known for its attacks on telecommunication and travel industries in the Middle East to collect personal

Beware of emails with “horrible charts” about Covid-19

Sophos - Naked Security - Wed, 20/05/2020 - 13:23
These charts aren't "horrible" because of their coronavirus data - they're horrible because they could let criminals conquer your computer.

[Guide] Finding Best Security Outsourcing Alternative for Your Organization

THN - Wed, 20/05/2020 - 10:11
As cyberattacks continue to proliferate in volume and increase in sophistication, many organizations acknowledge that some part of their breach protection must be outsourced, introducing a million-dollar question of what type of service to choose form. Today, Cynet releases the Security Outsourcing Guide (download here), providing IT Security executives with clear and actionable guidance on

Office 365 exposed some internal search results to other companies

Sophos - Naked Security - Wed, 20/05/2020 - 09:48
It’s not clear how many accounts were involved, but Microsoft is said to have made URLs and metadata available so admins can investigate.


Subscribe to Shiga Tecnologia aggregator