Be careful before you install that TikTok "unfiltering" software — it might be loaded with malware that can steal your passwords, Discord accounts, cryptocurrency wallets, and credit card data.
Security RSS
The British government has directed its departments to remove the deployment of CCTV cameras from government sites that are manufactured by Chinese firms over concerns with security.
Popular file hosting service Dropbox recently suffered a data breach that gave threat actors access to 130 of its code repositories. This was after Dropbox employees fell victim to a phishing scam.
A newly discovered ransomware strain is framing cybersecurity experts by claiming that they are the ones behind the attacks. However, the people blamed are not associated in any way with the malware.
The ticketing website, See Tickets, was affected by a major data breach in 2019 that went undetected for two years, and was only shut down in January, potentially impacting millions of customers.
Microsoft has implemented a public preview of a mechanism that allows Windows Update for Business customers to expedite the rollout of security updates. It's coming soon for non-security updates too.
PayPal is adding passkey support to its website. Initially, it'll be available on iPhone, iPad, and Mac in the United States, but next year it'll arrive in more countries and on more platforms.
Microsoft has published an advisory about a misconfiguration that led to its own, customer, and partner data being exposed. It has also called out security researchers for mishandling the disclosure.
Germany has sacked its chief of cybersecurity after media allegations that the executive has close ties to a Russian firm with links to president Vladimir Putin. An investigation is underway.
Microsoft has released an out-of-band (OOB) update for Windows 10 versions that addresses an issue with SSL and TLS. The issue was introduced with the recent October Patch Tuesday update.
Mark Zuckerberg has made the claim that WhatsApp is more secure and private than iMessage. He highlighted WhatsApp's encrypted backups, encryption across platforms, and ephemeral messages.
The Tails project has released Tails 5.5. Users on Tails 5.0 or later can do an automatic upgrade by connecting to Wi-Fi and accepting the update. Unfortunately, this update includes a new kernel bug.
Samsung has announced Knox Matrix, a blockchain-based security system designed to protect your smart home devices. It will share more technical specifications of Knox Matrix in the future.
Google has started bringing passkeys to Android and Chrome. It's still early in the day for this technology, and this rollout is intended for developers to add support to their products.
If you're a cybersecurity geek or an IT admin managing the security and integrity of your organization's infrastructure, you might want to check out Microsoft's Ignite 2022 announcements.
After over a year of waiting, Microsoft has announced today that Workspaces are finally coming to its Edge browser, along with security enhancements and accessibility improvements.
Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, this eBook is a must-have resource for companies of all sizes, and in all industries. Stake your claim.
To protect users from brute force attacks, Microsoft has pushed out an update that allows IT admins to enable account lockout policies on Windows computers that receive security updates.
This edition of Microsoft Weekly recaps a bunch of Windows 11 2022 Update issues, new features introduced to the Dev Channel, recent capabilities added to Teams, and the death of SwiftKey for iOS.
Microsoft has started deprecating Basic Auth in Exchange Online starting from today, as it has been warning for years. Customers are encouraged to migrate to Modern Auth (OAuth 2.0).
The Linux Mint team has shown some features it's working on for Linux Mint 21.1 'Vera'. Additions include a new verification tool for checking the authenticity of ISOs and a better USB image writer.
Microsoft has issued an advisory about two 0-day vulnerabilities affecting on-premises installations of Exchange Server. Unfortunately, no fix is available yet but there are a couple of mitigations.
Cloudflare has announced the open beta of Turnstile, an invisible alternative to CAPTCHAs. It uses browser telemetry to determine if a website visitor is legitimate, rather than annoying puzzles.
A recent hack at Fast Company resulted in iPhone users receiving racist and obscene push notifications via Apple News in the earlier hours of today. Fast Company has now shut down its website.
Cloudflare has announced that it's working on a new service called Zero Trust SIM. With it, companies can use an eSIM solution to help mitigate attacks against employees' phones and IoT devices.
The provisional views of the UK's Information Commissioner's Office suggest TikTok has fallen short of giving adequate protection to children under data privacy laws. It could face a £27 million fine.
By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills. Claim it for free today!
Microsoft has enabled a preview feature by default in the latest Windows 11 Dev Channel build 25206. It is related to improving the security of SMB NTLM authentication and reducing attack surfaces.
Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
With the rollout of the Windows 11 2022 Update now underway, Microsoft has confirmed that a lot of previously announced security features are now generally available. More are coming soon too.
Microsoft is switching on tamper protection for all existing customers of Microsoft Defender for Endpoint. It comes after the company enabled the feature for new customers last year.
Google is working on a feature that will add another layer of security associated to autofilling of passwords. Microsoft Edge already has this functionality but it's not the default configuration.
WinLock is an innovative security application that allows administrators to configure and restrict access to sensitive information on a computer.
Uber has suffered a significant data breach. The rideshare company has taken several of its internal systems offline to assess the extent of the damage done. It's the first major attack since 2016.
AV-Comparatives has released its latest July-August 2022 anti-virus program assessment report which shows Microsoft Defender has been worse off this time compared to the previous tests.
Meta has highlighted a recent technical implementation in Facebook that is designed to deter unauthorized data scrapers from guessing and repeatedly accessing URLs to access user data.
In a rare move from Apple, iOS 12 has been updated today to address a security concern on devices that cannot run the current version of iOS. iOS 12 was last updated in September 2021.
The Microsoft 365 Defender Research Team has today disclosed a high-severity vulnerability in the Android version of TikTok, allowing attackers to access user accounts with a single click.
The UK government is set to introduce laws to ensure broadband and mobile companies follow strict security protocols. Failure to do so will see firms get fined by Ofcom by as much as £100,000 per day.
Google has revealed an expansion to its Vulnerability Reward Program (VRP). It is designed to encourage privately reporting security flaws in open source software in exchange for monetary rewards.