Update for iOS fixes actively exploited zero-days
In an update for iOS, Apple fixes three zero-day vulnerabilities that were being actively exploited. The leaks were found by Google's Project Zero research group.
In addition to iOS, the vulnerabilities were also present in iPadOS, which is largely the same operating system. The new update fixes... Read more
A spike in Emotet activity means the ransomware gang is not far behind
Emotet attacks have been on the rise, leading to more machines getting compromised. This has prompted cybercriminals to launch more malware infections and ransomware campaigns on compromised devices.
The HP-Bromium Threat Insights Report released in October shows a 1200% increase in Emotet attac... Read more
Collection of thousands of hacked databases leaks
A collection of more than 23,000 hacked databases has temporarily appeared on a forum. The collection came from the hacker website Cit0day, which recently went offline.
Cit0day was a website where cybercriminals could buy access to the hacked databases and then abuse the stolen personal data. Th... Read more
Fortinet claims a significant speed increase in new firewall
Fortinet has announced a new firewall. The FortiGate 2600F is built for security-driven networking and, according to the company, is many times faster than competitors' offerings.
Fortinet has equipped the FortiGate 2600F with an NP7 processor and a CP9 coprocessor. According to Fortinet, the NP... Read more
Google provides patches for two Chrome Zero-Days under active exploit
Google has patched two zero-day vulnerabilities in the Chrome browser. This is the third time in two weeks that the company has had to fix a Chrome flaw under active exploit. A tweet on Monday from Ben Hawkes, the head of Google’s Project Zero’s vulnerability and exploit research section, confi... Read more
‘NAT Slipstreaming’ Allows Attackers to Remotely Bypass Firewall
Attackers can remotely access any TCP/UDP service bound to a victim machine just by the victim visiting a website.
Research over the weekend has demonstrated a new NAT-based hacking technique. This technique allows an attacker to bypass firewall protection and remotely access any TCP/UDP servi... Read more
Citrix reveals new security offerings
Citrix has announced two new products to help companies secure their cloud-based applications. Secure Internet Access and Secure Workspace Access offer different methods to secure the connection between the employee and the cloud.
Secure Internet Access
With Secure Internet Access, Citrix pro... Read more
Researches extract security key for microcode in Intel CPU
Researches have found the key that Intel uses to secure microcode updates in a number of their processors. The keys can be used to analyze updates or install custom patches.
The technique can't be used to hack all Intel processors. The key can only be found in chips based on the Goldmont archite... Read more
Machine identity attacks keep growing but are hardly ever reported
2018 and 2019 have been the worst years on record when it comes to machine identity attacks. This comes from a new report submitted by Venafi, which argues that the machine identity attacks are exploding.
The number of reported machine identity attacks grew by 400% in both 2018 and 2019. In the ... Read more
Study finds half of workers admit to opening suspicious emails
Research shows that younger employees are more apt to take risks.
Mimecast this week released new research which highlights the risky behavior of employees using company-issued devices. More than 1,000 respondents worldwide were asked how aware they are of today’s cyber risks.
The results ... Read more