Firefox 104 is out – no critical bugs, but update anyway
Credit to Author: Paul Ducklin| Date: Fri, 26 Aug 2022 16:27:08 +0000
Two trust-spoofing bugs were the main culprits this month – but neither one was a zero-day.
Read moreMonth: August 2022
What is Managed Device Attestation on Apple platforms?
Credit to Author: Jonny Evans| Date: Fri, 26 Aug 2022 09:43:00 -0700
Announced at WWDC 2022, Managed Device Attestation protection shows that Apple is adjusting device security protections to adapt to an increasingly distributed age.
Secure the endpoints, not the end times
This adjustment reflects a reality shift. Work doesn’t happen on specific servers or behind defined firewalls today. VPN access can differ across teams. And yet, in a workplace defined by multiple remote devices (endpoints), the security threat is greater than ever.
Managed Device Attestation works to create a second boundary of trust around which device management solutions can work to protect against attack.
Their Photos Were Posted Online. Then They Were Bombed
Credit to Author: Matt Burgess| Date: Fri, 26 Aug 2022 11:00:00 +0000
An attack on Russian mercenaries shows how militaries are increasingly using open source data—with sometimes deadly consequences.
Read morePlanned ‘fixes’ for credit-card interchange fees will actually make fraud easier
Credit to Author: Evan Schuman| Date: Fri, 26 Aug 2022 03:00:00 -0700
I love it when organizations try and do something good, but don’t think things through and end up delivering unintended negative consequences.
Today’s case in point: the US Senate and the Federal Reserve, both of whom are looking to reduce high interchange costs, but are unintentionally increasing costs for merchants and sharply boosting the undiscovered fraud rate. Not bad for government work.
Let’s start with the Senate, where Sens. Dick Durbin (D-IL) and Roger Marshall (R-KS) have crafted The Credit Card Competition Act of 2022. Its stated goal: reduce the interchange fee that financial institutions and card brands (Visa, MasterCard, Amex, etc.) charge retailers.
Exploits and TrickBot disrupt manufacturing operations
Categories: Threat Intelligence September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. This is combined with heavy detections of unseen malware, identified through our AI engine, spiking in May as well as September 2021. |
The post Exploits and TrickBot disrupt manufacturing operations appeared first on Malwarebytes Labs.
Read moreIntroducing Patch Management for OneView
Categories: Business We’re thrilled to announce our Patch Management module for OneView, which is paired alongside our Vulnerability Assessment module to help you uncover vulnerabilities, respond to threats, and keep your customers productive and safe. |
The post Introducing Patch Management for OneView appeared first on Malwarebytes Labs.
Read moreUpdate now! GitLab issues critical security release for RCE vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: GitLab Tags: RCE Tags: CVE-2022-2884 Tags: GitHub Tags: import GitLab has released important security fixes to patch for an RCE vulnerability, known as CVE-2022-2884. |
The post Update now! GitLab issues critical security release for RCE vulnerability appeared first on Malwarebytes Labs.
Read moreBinance chief says a “sophisticated hacking team” turned him into a deepfake hologram
Categories: News Tags: Deepfake Tags: fake Tags: binance Tags: cryptocurrency Tags: Linkedin Tags: scam Tags: Zoom Tags: meeting Tags: call Tags: fake We take a look at reports of a Deepfake hologram getting up to no good in bogus cryptocurrency Zoom calls. |
The post Binance chief says a “sophisticated hacking team” turned him into a deepfake hologram appeared first on Malwarebytes Labs.
Read moreTwitter security under scrutiny after former executive turns whistleblower
Categories: News Tags: Twitter Tags: Zatko Tags: Mudge Tags: L0pht Tags: Cult of the dead cow Tags: Infrastructure Tags: bots Tags: Elon Musk Tags: FTC Tags: SEC Tags: whistleblower Former Twitter head of security and ethical hacker Peiter Mudge Zatko has alleged some serious problems about the social media giant. |
The post Twitter security under scrutiny after former executive turns whistleblower appeared first on Malwarebytes Labs.
Read moreS3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
Credit to Author: Paul Ducklin| Date: Thu, 25 Aug 2022 15:37:51 +0000
Latest episode – listen now! (Or read the transcript if you prefer the text version.)
Read more