Credit to Author: Chris McCormack| Date: Tue, 18 Jul 2023 18:30:03 +0000
Sophos has received Frost & Sullivan’s prestigious Competitive Strategy Leadership Award in the next-generation firewall (NGFW) industry.
Read more
Credit to Author: Paul Ducklin| Date: Tue, 18 Jul 2023 16:59:18 +0000
The first compromise didn’t get the crooks as far as they wanted, so they found a second one that did…
Read more
Data encryption is threatened by government forces who haven’t yet recognized that without personal security, you cannot have enterprise security. Because attackers will exploit any available weakness to undermine protection — and if your people or your customers aren’t secure, neither is your business.
Attackers will always go where the money is. They will spend lots of it to mount attacks. They will delve deeper, and if they’re spending money, they also have the necessary resources to investigate absolutely anyone they can identify as a potential target.
Credit to Author: BrianKrebs| Date: Tue, 18 Jul 2023 14:57:04 +0000
[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a service that sold access to billions of passwords and other data exposed in countless data breaches. KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom, was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. Bloom resigned from AshleyMadison citing health reasons in June 2015 — less than one month before unidentified hackers stole data on 37 million users — and launched LeakedSource three months later.
Read moreCredit to Author: Daniel Lunghi| Date: Fri, 14 Jul 2023 00:00:00 +0000
We recently found that a modified installer of the E-Office app used by the Pakistani government delivered a Shadowpad sample, suggesting a possible supply-chain attack.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: MalasLocker Tags: vulnerability Tags: Google Tags: actively exploited Tags: fn:escapeXml Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. |
The post Act now! In-the-wild Zimbra vulnerability needs a workaround appeared first on Malwarebytes Labs.
Read moreCategories: Podcast This week on Lock and Code, we speak with maia arson crimew about the hack of the monitoring app LetMeSpy, which many have labeled as stalkerware. |
The post Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew appeared first on Malwarebytes Labs.
Read moreCategories: News Tags: week Tags: security Tags: July Tags: 2023 A list of topics we covered in the week of July 10 to July 16 of 2023 |
The post A week in security (July 10 – 16) appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: Safari Tags: WebKit Tags: macOS Tags: iOS Tags: iPadOs Tags: CVE-2023-37450 Tags: drive-by Tags: code execution Apple has issued an update for a zero-day vulnerability in the WebKit browser engine which may be actively exploited. |
The post [Updated] Apple issues Rapid Security Response for zero-day vulnerability appeared first on Malwarebytes Labs.
Read more
Credit to Author: Dhruv Mehrotra| Date: Sat, 15 Jul 2023 13:00:00 +0000
Plus: A fitness app may have leaked the location of a murdered submarine captain, the privacy risks of filing taxes online, and how Facebook data was used in an abortion trial.
Read more