Tuesday, August 3, 2021

BazarCaller – the malware gang that talks you into infecting yourself

Calling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.

Microsoft researcher found Apple 0-day in March, didn’t report it

Ut tensio, sic uis! Does twice the bug pile on twice the pressure to fix it?

Apple emergency zero-day fix for iPhones and Macs – get it now!

You're probably expecting us to say, "Patch early, patch often." And that is EXACTLY what we're saying!

Windows “PetitPotam” network attack – how to protect against it

A cute name but an annoying and potentially damaging attack. Here's what to do.

US court gets UK Twitter hack suspect arrested in Spain

O, what a tangled web we weave/When first we practise to deceive!

Windows “HiveNightmare” bug could leak passwords – here’s what to do!

Windows "hives" contain registry data, some of it secret. The nightmare is that these files aren't properly protected against snooping.

Apple iPhone patches are out – no news if recent Wi-Fi bug is fixed

Remember that weird iPhone Wi-Fi bug from a week or so ago? Let's hope this update patches it!
SecurityWeek

Google Patches High-Risk Android Security Flaws

Google this week pushed out a security-themed Android update with fixes for more than 30 security flaws that expose mobile users to a range of malicious hacker attacks. The latest Android update provides documentation on 33 security bugs, some serious...
SecurityWeek

Mismanagement Driving Cybersecurity Skills Gap: Research

“To some extent, this data supports the theory that the cybersecurity skills shortage is related to mismanagement rather than a dearth of qualified candidates or advanced skills.”
Google

Linux Kernel Security Done Right

Posted by Kees Cook, Software Engineer, Google Open Source Security Team

To borrow from an excellent analogy between the modern computer ecosystem and the US automotive industry of the 1960s, the Linux kernel runs well: when driving down the highway,...

Raccoon Stealer Bundles Malware, Propagates Via Google SEO

An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
SecurityWeek

SAP Customer Survey Reveals False Sense of Security

Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis. The SAP Security Survey Report 2021 is based on information from over 100 SAP...