by Paul Ducklin Modern telephony is full of anachronisms. For example, we still “dial” calls, and many phone apps still display the word “dialling” while they’re waiting for the person at the other end to pick up. But when was the last time you saw, let alone used, a phone . . . Read more
Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks. China-backed APT Cicada joins the list of threat actors leveraging the Microsoft Zerologon bug to stage attacks against their targets. In this case, victims are large and well-known Japanese organizations and their subsidiaries, . . . Read more
by Paul Ducklin In this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service“, and the malware risks from image search. Also (oh! no!), why you should take care before you pair. Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro . . . Read more
Another week, another Chrome zero-day, this time on your phone.
A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw. A previously known threat group, called UNC1945, has been compromising telecommunications companies and targeting financial and professional consulting industries, by exploiting a security flaw in Oracle’s Solaris operating system. Researchers said that . . . Read more
Google Project Zero disclosed the bug before a patch becomes available from Microsoft.
Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a situation that’s been a persistent worry to both the company and the U.S. government over the last few months. Both on Thursday renewed . . . Read more
by Paul Ducklin Do you browse with Google Chrome or a related product such as Chromium? If so, please check that your auto-updater is working and that you have the latest version. A trip to the About Chrome or About Chromium dialog should give the version identifier 86.0.4240.111. That’s the . . . Read more
by Paul Ducklin Every time that critical patches come out for any operating system, device or app that we think you might be using, you can predict in advance what we’re going to say. Patch early, patch often. After all, why risk letting the crooks sneak in front of you . . . Read more