This week’s items include: Puma-Kronos Breach Continues Focus on Third Party Risk Management WSJ Reports that Two Months After Log4j, Developers are Still Downloading Thousands of Packages a Day Vulnerable to Attack Ford Will Shut Down or Cut Production at 8 North America Plants Due to Lack of Chips Apple Releases Patch for Active Zero-Day…
This week’s items include: FBI and CIA purchased NSO Group’s Pegasus spyware Microsoft continues to enhance Edge Chromium security Facebook learns that people do care about their privacy and it will cost them $10 B this year FCC revokes China Unicom’s license to operate in the U.S. Kronos is still dealing with the effects of…
DHS says U.S. on heightened alert for Russian cyberattack Apple updates personal safety guide in wake of stalkers using AirTags to track victims Missing MS Intune cert breaks email, VPN on Samsung devices on Android 12 Apple fixes Safari data leak after being outed Apple patches actively exploited iOS security flaw Workers file lawsuits in…
Here is the security news for the week ending January 23, 2022 January 23, 2022 Critical SAP vulnerability allows for supply chain attacks US Olympians told to use burner phones in China Google details two zero-days in Zoom clients It has not been a good couple of months for Zoho Court to Europol – delete…
The FBI has issued a warning about scammers posting bogus QR codes using a variety of different methods from printing them on a piece of paper to including the bogus codes in an application. Learn more: Audio Video
Here is the security news for the week ending January 16, 2022: January 16, 2022 Gettr, the Alt-Tech, Uses Trackers, Features from Facebook and Google Chrome to Limit Access to Private Networks (via browser, finally) Remotely Executable NetUSB Bug Puts Millions of Devices at Risk Ivanti Updates Log4j Security Advisory for Multiple Products NYDFS Delays…
The easiest way for hackers to steal your money is to get you to help them do it. We are seeing attacks where the victim gets a text message supposedly from their bank about a potentially fraudulent transaction and asking the victim if it is legitimate. If the victim answers, the hacker goes into high…
This week’s security news includes: Son of Log4j rears its ugly head; Model warns women to check your belongings after being tracked by Apple AirTag; AMD releases new chip with Microsoft’s Pluton processor; New consumer protection laws in 2022; SonicWall is the most recent vendor to have Y2K22 bug; Over 1,200 man-in-the-middle toolkits available to…
Log4j is a bug in a software library used by millions of programs that seems to defy being fixed. Even though the developers have patched it 4 times in the matter of a week or two, the bugs keep coming. And now we are finding derivatives of the original bug in other pieces of unrelated…
This week’s security news includes: On-premise Microsoft Exchange emergency files for Y2K problem in 2022 Christmas gifts bring security headaches Some users of LastPass password manager receive warning about login attempts The 5 layers of effective endpoint security Duck, Duck Go Log4j patch of the day New York man pleads guilty to $20 million SIM…
