Apple quietly stops meaningful auto-updates in iOS

Credit to Author: Evan Schuman| Date: Tue, 05 Apr 2022 09:14:00 -0700

In the mobile world pitting Apple’s iOS devices against Google’s Android devices, Apple has historically had one distinct advantage: patches and updates.

Given the fragmented nature of Android (hundreds of handset manufacturers versus just one for iOS), it is simply far easier for Apple to quickly and efficiently push out updates in a way that allows a large percentage of users to get updates quickly. That has been true regardless of whether it’s new functionality or a critical security patch.

So what’s the problem? Craig Federighi, Apple’s senior vice president of software engineering, has quietly said that Apple has dramatically slowed down auto updates — by as much as a month.

New security features for Windows 11 will help protect hybrid work

Credit to Author: Christine Barrett| Date: Tue, 05 Apr 2022 15:00:00 +0000

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cyber criminals and nation states alike have improved their targeting, speed and accuracy as the world adapted to working outside the office.

The post New security features for Windows 11 will help protect hybrid work appeared first on Microsoft Security Blog.

CISA advises D-Link users to take vulnerable routers offline

Credit to Author: Pieter Arntz| Date: Tue, 05 Apr 2022 13:23:12 +0000

CISA has advised users to take certain vulnerable D-Link routers offline since the existing vulnerabilities are known to be actively exploited and the models have reached EOL and will not get patched.

The post CISA advises D-Link users to take vulnerable routers offline appeared first on Malwarebytes Labs.

Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload

Credit to Author: Earle Maui Earnshaw| Date: Tue, 05 Apr 2022 00:00:00 +0000

Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the LockBit ransomware.

Android 12 Upgrade Report Card: What a weird year

Credit to Author: JR Raphael| Date: Tue, 05 Apr 2022 03:00:00 -0700

In the world of software, six months is an eternity.

Heck, look at how much has happened over the past six months since Android 12 came into the universe. Google started and then finished a hefty 0.1-style update that lays the groundwork for significant large-screen improvements to the Android experience. And it’s now well into the public development phase of its next big Android version, Android 13 — which is the rapidly forming release on most folks’ minds at this point.

MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639

Credit to Author: Mickey Jin| Date: Mon, 04 Apr 2022 00:00:00 +0000

We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to escalate privileges to root.
