Collaborate Disseminate
A security researcher found a possible exploit in Microsoft’s PowerPoint that would let an attacker run an application when the user simply hovers with the mouse over a link. By default, PowerPoint won’t open an application when the user ho… Continue reading Researcher Devises PowerPoint Attack that Executes Binary Just with Mouse Hover
Facebook announced an interesting new limitation to WhatsApp with the clear goal of curbing the spread of false information related to COVID-19. While it’s difficult to dispute the benefits of having a messaging application with such a widespread… Continue reading WhatsApp Limits Message Forwarding to Prevent Spread of Misinformation
A security researcher found 10 vulnerabilities in the HP Support Assistant application shipped with every laptop the company makes, from the officially dead Windows 7 up to the latest version of Windows 10. Many companies pre-install software on their … Continue reading HP Support Assistant App Riddled with Security Issues and Vulnerabilities, Researcher Finds
NASA’s Security Operations Center (SOC) experts have issued a warning regarding a growing trend toward phishing attempts, malware attacks, or just people accessing malicious sites. Many NASA employees have started to work from home, just li… Continue reading Phishing and Malware Attacks Against NASA Employees Have Doubled
An investigation by Citizen Lab underlined a few security issues of teleconferencing application Zoom, on all platforms, and the company was quick to promise sweeping changes that would make Zoom more secure and transparent. Two major issues were broug… Continue reading Zoom Fixes Issues with Traffic Routed through Chinese Servers, Promises Better Encryption
An Elasticsearch database holding 42 million records of Iranian Telegram users was found on the web, for anyone to access. The private data included phone numbers and user names, and it’s unclear how long it was exposed. Despite heavy restriction… Continue reading Elasticsearch Database with 42 Million Records of Iranian Citizen Found Exposed Online
The Firefox Internet browser received a critical patch from the Mozilla Foundation to fix a couple of actively exploited zero-day vulnerabilities that were endangering both regular users and institutions. Zero-day vulnerabilities in Internet browsers a… Continue reading Mozilla Fixes Two Firefox Critical Vulnerabilities Exploited in the Wild
Zoom has disabled a feature in its web conferencing software that allowed the company to secretly gather data and match the information with LinkedIn sources, giving some users the ability to identify participants in the conference without their knowle… Continue reading Zoom Was Mining Data and Matching Users with LinkedIn Info
The US Cybersecurity and Infrastructure Security Agency (CISA) is advising companies, institutions and regular users to update their Google Chrome browsers to the latest version as soon as possible. Given the dominant position of Google Chrome in the I… Continue reading US Government Advises Everyone to Upgrade Google Chrome as Soon as Possible
A couple of zero-day vulnerabilities found in the MacOS version of the Zoom video conferencing application could let attackers elevate their rights to root or to gain access to the microphone and camera. Just a couple of days ago, Zoom removed the Face… Continue reading Zoom for macOS Has a Couple of Dangerous Zero-Day Vulnerabilities