February 19, 2024
Via: TechRadarGoogle Chrome is getting an upgrade that will help safeguard devices connected to a private or home network. Google outlined its plans in a post on its Chrome Platform Status page, explaining that the new feature will behave as a […]
January 29, 2024
Via: TechRadarConsumers in China looking to access banned communications apps such as Telegram are being targeted by threat actors looking to deploy various malware. This is according to a new report from Malwarebytes’ Jérôme Segura, who found unnamed hackers have been […]
January 18, 2024
Via: The RegisterRussian cyberspies linked to the Kremlin’s Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November 2022, according to Google’s Threat […]
January 2, 2024
Via: The RegisterSecurity researchers say info-stealing malware can still access victims’ compromised Google accounts even after passwords have been changed. A zero-day exploit of Google account security was first teased by a cybercriminal known as “PRISMA” in October 2023, boasting that the […]
December 29, 2023
Via: TechRadarGoogle Cloud has patched a vulnerability that may have allowed malicious actors with access to a Kubernetes cluster to elevate their privileges and wreak havoc. “An attacker who has compromised the Fluent Bit logging container could combine that access with […]
December 5, 2023
Via: Security AffairsGoogle December 2023 Android security updates addressed 85 vulnerabilities, including a critical zero-click remote code execution (RCE) flaw tracked as CVE-2023-40088. The vulnerability resides in Android’s System component, it doesn’t require additional privileges to be triggered. An attacker can exploit […]
December 1, 2023
Via: The RegisterMeta and Google have disclosed what they allege are offensive cyber ops conducted by China. The Social Network™ used its Quarterly Adversarial Threat Report [PDF], published Thursday, to report it booted 4,789 Facebook accounts for violating its policy against coordinated […]
November 14, 2023
Via: The RegisterGoogle has sued three scammers for offering a fake download of its Bard AI chatbot that contained malware capable of stealing credentials for small business’ social media accounts. The web giant’s lawsuit [PDF], filed on Monday in a San Jose […]
November 7, 2023
Via: TechRadarHackers have found a way to bypass Android’s “Restricted Settings” and install malware on a victim’s devices. Restricted Settings is a security feature first introduced in Android 13 that prevents apps downloaded from non-vetted sources (i.e. places other than the […]
Threats & Malware, Virus & Malware
October 18, 2023
Via: TechRadarThere are multiple fake “update your browser” campaigns active right now that are aiming to trick people into installing all kinds of malware on their devices. A new report from Proofpoint observed at least four different campaigns, delivering different malicious […]
Threats & Malware, Virus & Malware
October 12, 2023
Via: SecureWorldIn recent months, the cybersecurity world has been shaken by the revelation of a sophisticated and unprecedented cyber threat: the HTTP/2 Rapid Reset Zero-Day vulnerability. This exploit, tracked as CVE-2023-44487, enabled cybercriminals to orchestrate what has been dubbed the largest […]
Threats & Malware, Vulnerabilities
October 11, 2023
Via: The RegisterAfter a week of rampant speculation about the nature of the security issues in curl, the latest version of the command line transfer tool was finally released today. Described by curl project founder and lead developer Daniel Stenberg as “probably […]
Threats & Malware, Vulnerabilities
October 4, 2023
Via: Security AffairsThree out of 17 flaws are rated Critical, 13 are rated High, and one is rated Medium in severity. The company is also warning that three other zero-day vulnerabilities are actively exploited in attacks in the wild. Google Threat Analysis […]
September 28, 2023
Via: The RegisterGoogle’s Bard chatbot is currently being re-educated to better understand privacy. In July, Bard gained the ability to share conversations with other people using a unique public link. Unfortunately, Google Search has indexed those shared links, making them more widely […]
September 6, 2023
Via: The Hacker NewsGoogle has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case […]
Application security, Security
August 18, 2023
Via: The Hacker NewsGoogle has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release […]
August 9, 2023
Via: The Hacker NewsGoogle has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it’s introducing a second user setting to turn off support, […]
Application security, Security
August 4, 2023
Via: Dark ReadingWhen Fortanix launched in 2016, the company made a decision: It would commit to the one-year-old Rust’s programming language to benefit from its security strengths and performance. Seven years later, Fortanix’s commitment to Rust has proved to be a success. […]
July 25, 2023
Via: The Hacker NewsA new security vulnerability has been discovered in AMD’s Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed […]
Threats & Malware, Vulnerabilities
July 24, 2023
Via: The Hacker NewsZero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, […]