Collaborate Disseminate
Software maker Adobe on Tuesday shipped urgent security updates to fix code execution vulnerabilities in the widely deployed Illustrator and After Effects products.
read more
Continue reading Adobe Patches ‘Critical’ Security Flaws in Illustrator, After Effects
A group of academic researchers has found a way to exploit a security flaw in the encryption algorithm used by the Hive ransomware to recover hijacked and encrypted data.
read more
Continue reading Researchers Devise Method to Decrypt Hive Ransomware-Encrypted Data
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.
read more
Continue reading FCC Chair Proposes New Policies for Carrier Data Breach Reporting
Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU bu… Continue reading Google Says NSO Pegasus Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’
If defenders needed any more urgency to patch and mitigate the explosive Log4j zero-day, along comes word that APT actors linked to China, Iran, North Korea and Turkey have already pounced and are actively exploiting the CVSS 10.0 vulnerability.
read m… Continue reading Microsoft Spots Multiple Nation-State APTs Exploiting Log4j Flaw
Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain.
read more
Continue reading GitHub Confirms Another Major NPM Security Defect
When FireEye (now Mandiant) disclosed the SolarWinds breach in December 2020, the security world was forced to accept the reality that given the motivation, time and resources, an advanced attacker can breach any organization. And if the breached organ… Continue reading SolarWinds Outlines ‘Triple Build’ Software Development Model to Secure Supply Chain
Apple has released another IOS 15 update with patches for 22 serious security defects in a wide range of iPhone and iPad software components.
The vulnerabilities are serious enough to expose iPhone and iPad users to malicious hacker attacks via rigged … Continue reading Apple Patches 22 Security Flaws Haunting iPhones
Adobe on Tuesday released a slew of urgent patches with fixes for more than 90 documented vulnerabilities that expose Windows, macOS and Linux users to malicious hacker attacks.
The security defects affect a wide range of popular products, including Ad… Continue reading Adobe Patches Gaping Security Flaws in 14 Software Products
A previously unseen threat actor, likely a nation-state, is targeting various entities in South Asia, with a focus on Afghanistan, according to a warning from anti-malware vendor Symantec.
read more
Continue reading Nation-State APT Targets Afghans With New Toolset