18 Sep 2020

iOS 14 and iPadOS 14 Patch Vulnerabilities, Introduce New Privacy Features

This week, Apple patched roughly a dozen vulnerabilities and introduced new privacy features to accompany the rollout of iOS 14 and iPadOS 14. The addressed security flaws impact different operating system components such as Assets, Icons, AppleAVD, Sandbox, Siri, and WebKit. The flaws could result in several different occurrences, such

Read More
18 Sep 2020

Google Play Bans Stalkerware and ‘Misrepresentation’

Google has announced that its Play Store will enforce stricter bans prohibiting the sale of spy and surveillance ware that could potentially contribute to political influence campaigns. Starting on October 1, any application that could allow someone to track the user’s location or online activity will be removed from the

Read More
18 Sep 2020

Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data

The US Department of Justice has charged three Iranian hackers allegedly involved with the threat actor group APT39, accusing them of curating a campaign intended to steal critical data related to US projects and intellectual property in aerospace and satellite technology. This is the third time in just three days

Read More
18 Sep 2020

US Commerce Department to ban TikTok and WeChat downloads starting Sept. 20

Today, the US Commerce Department announced that, in line with President Trump’s executive order, all downloads of WeChat and TikTok will be banned beginning on Sunday. President Trump previously signed two executive orders against the Chinese-owned social media platforms in early August, claiming that the apps posed a threat to

Read More
17 Sep 2020

Bluetooth Spoofing Bug Affects Billions of IoT Devices

Academic researchers at Purdue University have discovered a vulnerability within Bluetooth Low Energy (BLE) that could allow for spoofing attacks. This bug remains unpatched in Android devices, potentially impacting millions of consumers and billions of IoT devices. The BLE spoofing vulnerability is likely a result of security experts overlooking the

Read More
17 Sep 2020

Likely Links Emerge Between Lazarus Group and Russian-Speaking Cybercriminals

Yesterday, newly published nalysis from the security firm Intel 471 uncovered links between North Korea’s Lazarus Group and Russian-speaking cybercriminals. The report pinpoints links between the two organizations through examining years of security incidents. The conclusion, however, depends on two popular and generally accepted assumptions: that the Trickbot, TA505, and

Read More
17 Sep 2020

US charges five hackers part of Chinese state-sponsored group APT41

Yesterday, the US government filed charges against Chinese nationals with known connections to the notorious hacking group known as APT41. Five Chinese nationals will face charges relating to hacking more than 100 international companies on behalf of the Chinese government. The court documents unsealed yesterday state that the group has

Read More
16 Sep 2020

Flaws in Philips Patient Monitoring Products Can Lead to Patient Data Exposure

A total of eight security issues have been identified in Philips patient monitoring solutions that could potentially lead to threat actors accessing sensitive patient data without authorization. Although the severity ratings of the flaws range from medium to low, the Cybersecurity and Infrastructure Security Agency (CISA) warns that a low-skilled

Read More
16 Sep 2020

Windows Exploit Released For Microsoft ‘Zerologon’ Flaw

Security researchers and US government authorities have been alerting the public to a critical privilege escalation flaw in Microsoft services, urging admins to address the pressing security issue. A proof-of-concept exploit code has been recently released for a Windows flaw that could allow attackers to obtain administrative privileges within a

Read More
16 Sep 2020

More Cyberattacks in the First Half of 2020 Than in All of 2019

According to a recent study conducted by cybersecurity firm CrowdStrike, recent threat activity throughout its customers’ networks has shown more intrusion attempts within the first half of 2020 than in all of 2019. This may be due to the pandemic and subsequent lockdown measures forcing employees to mass shift to

Read More