Microsoft Releases PoC Code For MacOS App Sandbox Vulnerability
MacOS features a powerful sandbox restriction that helps keep modern Apple computers safe by limiting how code can run on the system. Unfortunately, no system is bullet proof. There’s a way that a determined attacker could bypass sandbox restrictions and execute malicious code arbitrarily. Engineers at Microsoft discovered the vulnerability, and independent security researcher Arsenii […]
Lenovo Models Affected By Medium Severity Vulnerabilities
If you own a Lenovo laptop, be aware that researchers at ESET have recently discovered a trio of bugs reported to Lenovo that could allow an attacker to disable security features and hijack your operating system. The issues are tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892 and are all classed as medium severity level. The first […]
IoT Security With Microsoft Defender
The Internet of Things (IoT) has seen explosive growth in recent years. If you like, you can now build your own smart home with intelligent toasters, washing machines, dishwashers, and refrigerators. They are all connected to your home network, and they all make vast amounts of data available to you at your fingertips. Unfortunately, security […]
Hackers Use VoIP Systems To Install PHP Web Shells
Security researchers at Unit 42, a division of Palo Alto Networks, have been tracking the efforts of a massive campaign aimed at Elastix VoIP telephony servers. They are used by companies of all shapes and sizes to unify their communications, and it is especially attractive because it can be used with the Digium phones module […]
Apple Users Will Want To Update As Soon As Possible
Do you own a device running macOS Monterey 12.5.1, or iOS/iPadOS 15.6.1? If so, you’ll want to download and install the latest patches as soon as possible. Apple recently released a small but critical security update aimed at fixing a pair of serious vulnerabilities that could allow an attacker to execute arbitrary code on an […]
Raspberry Robin Worm In Hundreds Of Windows Networks
Analysts at Red Canary Intelligence have recently spotted a Windows worm on hundreds of networks belonging to a wide range of organizations around the world. Dubbed “Raspberry Robin” by the research team that discovered it, this worm spreads via infected USB devices and was initially spotted in September of last year (2021). Another firm, Sekoia, […]
Prepare For Windows Server 2012 End Of Support
Another week, another Microsoft “End of Life” reminder to write about. This time, it’s Windows Server 2012 R2. If you’re a user, then you’re probably already aware of the looming deadline. If you’ve blocked it out of your mind, or if you’ve missed the notifications that Microsoft has been sending out, here’s what you need […]
Microsoft Is Phasing Out Windows 8.1
If you are still using Windows 8.1 and if you’ve somehow managed to avoid seeing the parade of notices Microsoft has been sending out, you should know that the end is nigh. Support for the aging OS will end on January 10, 2023. If you have not already done so, you should begin making plans […]
Twilio Data Breach Happened Via Employee Smishing
Twilio is the Cloud Communications Company. They are the latest to fall victim to a data breach. The company recently disclosed that some of its customer data was accessed by unknown attackers who gained access to the system by stealing employee login credentials via an SMS phishing attack, known as ‘Smishing,’ for short. The company’s […]
OpenSea Warns Users Of Phishing Attacks From Data Breach
Are you a fan of NFTs? If so, you’ve probably heard of OpenSea, which is the largest marketplace for non-fungible tokens. If you have an account there, be aware that recently the company disclosed that their network had been breached and they issued a warning to their clients urging them to be on the lookout […]