Bypass Glitch Allows Malware to Masquerade as Legit Apple Files

Malware can to worm its way onto Macs thanks to a recently discovered code-signing bypass flaw.

Android Devices With Misconfigured ADB, a Ripe Target for Cryptojacking Malware

Vendors have been shipping Android products with Android Debug Bridge enabled, making them attractive targets for hackers.

June Patch Tuesday: Microsoft Issues Fixes for DNS, Cortana

One of the most serious issues is a critical remote code execution vulnerability in the Windows DNS, which could allow an attacker to take full control of the targeted machine.

Microsoft Releases June 2018 Security Updates

Original release date: June 12, 2018 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft’s June 2018 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Foscam Issues Patches For Vulnerabilities in IP Cameras

Researchers found three vulnerabilities in Foscam connected security cameras that could enable a bad actor to gain root access knowing only the camera’s IP address.

International BEC Takedown

The FBI partnered with domestic and international law enforcement agencies on Operation WireWire, a large-scale, coordinated effort to dismantle business e-mail compromise schemes.

SB18-162: Vulnerability Summary for the Week of June 4, 2018

Original release date: June 11, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »

Lenovo Finally Patches Ancient BlueBorne Bugs in Tab and Yoga Tablets

Lenovo patches several popular tablet models to protect against BlueBorne vulnerabilities first identified in September 2017.

Adobe Patches Critical Flash Player Bug With Active Exploit

A critical Adobe flaw is being exploited in targeted attacks against Windows users.

Operation Prowli Profits On Weak IoT Devices, Servers

A new malicious campaign has compromised more than 40,000 machines globally to monetize via traffic hijacking and cryptomining.