Week in review: Apple fixes exploited zero-days, 1,900 Signal users exposed, Amazon Ring app vuln
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Tackling the dangers of internal communications: What can companies do? In …
Exploiting stolen session cookies to bypass multi-factor authentication (MFA)
Active adversaries are increasingly exploiting stolen session cookies to bypass multi-factor authentication (MFA) and gain access to corporate resources, according to Sophos. …
New infosec products of the week: August 19, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, Raytheon Technologies, Tenacity, and Transmit Security. AuditBoard …
Cybercriminals are using bots to deploy DDoS attacks on gambling sites
Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of …
Vulnerability in Amazon Ring app allowed access to private camera recordings
A vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been …
Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)
Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …
APT41 group: 4 malicious campaigns, 13 victims, new tools and techniques
Group-IB has released new research on the state-sponsored hacker group APT41. The Group-IB Threat Intelligence team estimates that in 2021 the threat actors gained access to …
IoT: The huge cybersecurity blind spot that’s costing millions
In many ways, IoT has made our lives easier. We are technologically connected in ways we never thought possible. But organizations need to be aware of the cybersecurity blind …
How government CISOs tackle digital transformation initiatives
In this interview for Help Net Security, Dan Tucker, Senior VP at Booz Allen, and leader of the firm’s cloud and data engineering solutions for citizen services, talks about …
The factors driving today’s accelerated zero trust adoption
Zero trust has quickly progressed from a buzzword to a critical business imperative, Okta’s 2022 State of Zero Trust Security Report has found. Today, 97% of businesses say …
Identity crimes reach all-time high
The Identity Theft Resource Center (ITRC) has published a report that looks at the identity crimes committed against individuals as reported by the victims of those crimes. In …
Microsoft makes tamper protection for macOS endpoints widely available
The tamper protection feature in Microsoft Defender for Endpoint for macOS is getting rolled out to all customers, the company has announced on Monday. The feature is meant …
Featured news
Sponsored
Don't miss
- Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
- Faulty CrowdStrike update takes out Windows machines worldwide
- GenAI network acceleration requires prior WAN optimization
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
- eBook: How CISSP turns career goals into reality