Collaborate Disseminate
At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft’s malicious macros protections to infect MacOS users. Continue reading Black Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros
Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020. Continue reading Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers
A vulnerability in Twitter for Android could have allowed attackers to access private direct messages (DMs) and other data. Continue reading Twitter Fixes High-Severity Flaw Affecting Android Users
The explosion of open-source AI models are lowering the barrier of entry for bad actors to create fake video, audio and images – and Facebook, Twitter and other platforms aren’t ready. Continue reading Black Hat 2020: Open-Source AI to Spur Wave of ‘Synthetic Media’ Attacks
Google addressed high-severity and critical flaws tied to 54 CVEs in this month’s Android security bulletin. Continue reading High-Severity Android RCE Flaw Fixed in August Security Update
During Black Hat USA 2020, Threatpost talks to Sherrod DeGrippo, with Proofpoint, about Emotet’s recent return -and how a cyber vigilante is attempting to thwart the malware’s comeback. Continue reading A Cyber ‘Vigilante’ is Sabotaging Emotet’s Return
The potential FTC fine comes after Twitter last year acknowledged that user emails and phone numbers were being used for targeted advertising. Continue reading Twitter Could Face $250M FTC Fine Over Improper Data Use
Andrew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected. Continue reading Podcast: Learning to ‘Speak the Language’ of OT Security Teams
Almost two months after a high-severity flaw was disclosed – and seven months after it was first reported – Netgear has yet to issue fixes for 45 of its router models. Continue reading Netgear Won’t Patch 45 Router Models Vulnerable to Serious Flaw
With Black Hat USA 2020 kicking off this week, Erez Yalon with Checkmarx talks about newly disclosed, critical vulnerabilities in Meetup.com – and why they are the “holy grail” for attackers. Continue reading Black Hat USA 2020: Critical Meetup.com Flaws Reveal Common AppSec Holes