Want to know more about this topic or about us? Contact us!
The SYS01 infection chain uses DLL sideloading to steal information. Learn how to protect your business from this cybersecurity threat. Image: SomYuZu/Adobe Stock Morphisec, a security solution provider based in Israel, has reported that an advanced information stealer malware dubbed SYS01 is aimed at stealing access to Facebook business accounts . . . Read more
Ninth more unto the breach, dear friends, ninth more.
We’ve said it before/And we’ll say it again/It’s not *if* you should patch/It’s a matter of *when*. (Hint: now!)
CVE-2022-1096 – another mystery in-the-wild 0-day in Chrome… check your version now!
Calling all website coders: Y2K was then. V1H is now!
Zero-day buses: none for a while, then three at once. Here’s Google joining Apple and Adobe in “zero-day week”
by Paul Ducklin Microsoft’s Patch Tuesday announcement was bad enough, with six in-the-wild vulnerabilities patched, including one buried in the vestiges of Internet Explorer’s MSHTML web rendering code… …and it’s been followed by Google’s latest Chrome security advisory, which includes a zero-day patch (CVE-2021-30551) to Chrome’s JavaScript engine amongst its . . . Read more
by Paul Ducklin Almost exactly a month ago, or a couple of days under an average month given that February was the short one, we warned of a zero-day bug in Google’s Chromium browser code. Patch now, we said. And we’re saying it again, following Google’s otherwise cheery release of . . . Read more
by Paul Ducklin Google, whose Project Zero bug-hunting team is often surprisingly vocal when describing and discussing software vulnerabilities, has taken a very quiet approach to a just-patched bug in its Chrome browser. In this case, the low-key announcement is understandable, because the patch fixes a hole that cybercrooks are . . . Read more
Another week, another Chrome zero-day, this time on your phone.