September 2022 – Page 12 – PossibleThreat Articles

With 63 updates affecting Windows, Microsoft Office and the Visual Studio and .NET platforms — and reports of three publicly exploited vulnerabilities (CVE-2022-37969, CVE-2022-34713, CVE-2021-40444) — this month’s Patch Tuesday release gets a “Patch Now” priority. Key testing areas include printing, Microsoft Word, and in general application un-installations. (The Microsoft Office, .NET and browser updates can be added to your standard release schedules.)

To read this article in full, please click here

Independent Krebs Security

Botched Crypto Mugging Lands Three U.K. Men in Jail

September 16, 2022 0 Comments brickings, disco dog, discoli, joseph james o'connor, leonardo sapiano, Ne'er-Do-Well News, patrick mcgovern-allen, plugwalkjoe, rayhan miah, robert lewis barr, SIM swapping, SWATting, The Coming Storm, thomas green, violence-as-a-service

Credit to Author: BrianKrebs| Date: Fri, 16 Sep 2022 17:55:25 +0000

Three men in the United Kingdom were arrested this month after police responding to an attempted break-in at a residence stopped their car as they fled the scene. The authorities found weapons and a police uniform in the trunk, and say the trio intended to assault a local man and force him to hand over virtual currencies.

Security Sophos

UBER HAS BEEN HACKED, boasts hacker – how to stop it happening to you

September 16, 2022 0 Comments data breach, data loss, Hacking, Privacy, uber

Credit to Author: Paul Ducklin| Date: Fri, 16 Sep 2022 15:43:41 +0000

Uber is all over the news for a widely-publicised data breach. We help you answer the question, “How do I stop this happening to me?”

Security Wired

Inside the Shadow Evacuation of Kabul

September 16, 2022 0 Comments Backchannel, Security, Security / National Security

Credit to Author: Michael Venutolo-Mantovani| Date: Tue, 30 Aug 2022 10:00:00 +0000

In the last two weeks of the war, an ad hoc team armed with group chats, QR codes, and satellite maps launched a mad dash to save imperiled Afghan allies.

ComputerWorld Independent

Sadly, IT can no longer trust geolocation for much of anything

September 16, 2022 0 Comments Android, iOS, Mobile, mobile apps, Security, small and medium business

Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 16 Sep 2022 03:00:00 -0700

Geolocation was once a glorious way to know who your company is dealing with (and sometimes what they are doing). Then VPNs started to undermine that. And now, things have gotten so bad that the Apple App Store and Google Play both offer apps that unashamedly declare they can spoof locations — and neither mobile OS vendor does anything to stop it.

Why? It seems both Apple and Google created the holes these developers are using.

In a nutshell, Apple and Google — to test their apps across various geographies — needed to be able to trick the system into thinking that their developers are wherever they wanted to say that they are. What’s good for the mobile goose, as they say.

To read this article in full, please click here

Security Sophos

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

September 15, 2022 0 Comments Cybercrime, deadbolt, Naked Security Podcast, Podcast, Ransomware, zero day

Credit to Author: Paul Ducklin| Date: Thu, 15 Sep 2022 18:50:37 +0000

Latest episode – listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT…

MalwareBytes Security

School app Seesaw compromised to send shock NSFW image

September 15, 2022 0 Comments Awareness, news

Categories: Awareness

Categories: News

Users of Seesaw, a student learning platform for parents and teachers, found their accounts sending out an explicit photo to other users.

MalwareBytes Security

Explained: Fuzzing for security

September 15, 2022 0 Comments buffer overflow, control flow error, explained, fuzz testing, fuzzing, memory allocation, memory leaks, news, race conditions, runtime errors

Categories: Explained

Categories: News

Tags: Fuzzing

Tags: fuzz testing

Tags: memory leaks

Tags: runtime errors

Tags: race conditions

Tags: control flow error

Tags: memory allocation

Tags: buffer overflow

Fuzzing is an automated software testing method that uses a wide range of invalid and unexpected data as input to find flaws.

(Read more…)

The post Explained: Fuzzing for security appeared first on Malwarebytes Labs.

MalwareBytes Security

Here are the new security and privacy features of iOS 16

September 15, 2022 0 Comments Apple, news

Categories: Apple

Categories: News

iOS 16 has landed and it comes with a lot of features to strengthen a user’s account security and privacy. We’ve taken a look.

MalwareBytes Security

Cyber threat hunting for SMBs: How MDR can help

September 15, 2022 0 Comments Business

Categories: Business

Threat hunting can weed out malware before anything bad like a data breach can happen, but cyber threat hunting is more difficult for SMBs to do than it is for large organizations due to resource constraints. That’s where Managed Detection and Response (MDR) can help.

(Read more…)

The post Cyber threat hunting for SMBs: How MDR can help appeared first on Malwarebytes Labs.

PossibleThreat Articles

Month: September 2022

Critical zero-days make September's Patch Tuesday a 'Patch Now' release

Botched Crypto Mugging Lands Three U.K. Men in Jail

UBER HAS BEEN HACKED, boasts hacker – how to stop it happening to you

Inside the Shadow Evacuation of Kabul

Sadly, IT can no longer trust geolocation for much of anything

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

School app Seesaw compromised to send shock NSFW image

Explained: Fuzzing for security

Here are the new security and privacy features of iOS 16

Cyber threat hunting for SMBs: How MDR can help