Lisa Vaas – Page 20 – WindowsTechs.com

QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout

Posted on August 31, 2021 by Lisa Vaas

The NAS maker issued two security advisories about the RCE and DoS flaws, adding to a flurry of advisories from the vast array of companies whose products use OpenSSL.
Continue reading QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout→

LockBit Gang to Publish 103GB of Bangkok Air Customer Data

Posted on August 30, 2021 by Lisa Vaas

The airline announced the breach on Thursday, and the ransomware gang started a countdown clock the next day. Continue reading LockBit Gang to Publish 103GB of Bangkok Air Customer Data→

T-Mobile’s Security Is ‘Awful,’ Says Purported Thief

Posted on August 28, 2021 by Lisa Vaas

John Binns, claiming to be behind the massive T-Mobile theft of >50m customer records, dissed the security measures of the US’s No. 2 wireless biggest carrier. T-Mobile is “humbled,” it said, announcing new partnerships with security heavyweights o… Continue reading T-Mobile’s Security Is ‘Awful,’ Says Purported Thief→

FIN8 Targets US Bank With New ‘Sardonic’ Backdoor

Posted on August 27, 2021 by Lisa Vaas

The latest refinement of the APT’s BadHatch backdoor can leverage new malware on the fly without redeployment, making it potent and nimble.
Continue reading FIN8 Targets US Bank With New ‘Sardonic’ Backdoor→

‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast

Posted on August 27, 2021 by Lisa Vaas

Splunk’s Ryan Kovar discusses the rise in supply-chain attacks a la Kaseya & how to get ahead of encryption leaving your business a pile of broken shells. Continue reading ‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast→

F5 Bug Could Lead to Complete System Takeover

Posted on August 26, 2021 by Lisa Vaas

The worst of 13 bugs fixed by the August updates could lead to complete system compromise for users in sensitive sectors running products in Appliance mode. Continue reading F5 Bug Could Lead to Complete System Takeover→

Win10 Admin Rights Tossed Off by Yet Another Plug-In

Posted on August 25, 2021 by Lisa Vaas

Then again, you don’t even need the actual device – in this case, a SteelSeries peripheral – since emulation works just fine to launch with full SYSTEM rights. Continue reading Win10 Admin Rights Tossed Off by Yet Another Plug-In→

Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day

Posted on August 24, 2021 by Lisa Vaas

Cybersecurity watchdog CitizenLab saw the new zero-day FORCEDENTRY exploit successfully deployed against iOS versions 14.4 & 14.6, blowing past Apple’s new BlastDoor sandboxing feature to install spyware on the iPhones of Bahraini activists – even … Continue reading Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day→

Windows 10 Admin Rights Gobbled by Razer Devices

Posted on August 23, 2021 by Lisa Vaas

So much for Windows 10’s security: a zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device. Continue reading Windows 10 Admin Rights Gobbled by Razer Devices→

What’s Next for T-Mobile and Its Customers? – Podcast

Posted on August 19, 2021 by Lisa Vaas

Hopefully not a hacked-up hairball of a “no can do” message when customers rush to change their PINs. In this episode: Corporate resilience vs. the opposite.
Continue reading What’s Next for T-Mobile and Its Customers? – Podcast→