Today Apple released updates for core products that include iOS 12.1, Safari 12.0.1, iCloud for Windows, iTunes, watchOS 5.1, tvOS 12.1, and macOS.
According to the changelog, Microsoft has finally fixed a bug where the system won't display a confirmation prompt when users extract a file from a zip archive to a location where the file with the same name exists. Microsoft recently acknowledged the issue and today's update has finally addressed it.
A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentials in order to decrypt the victim's files.
As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices.
The Dashlane password management company has released research showing that the majority of the top 30 consumer sites do not offer a complete range of two factor authentication (2FA) options for login authentication. Of the top 30 sites, only 8 offered all of the tested for 2FA options.
Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns.
A Trojan pretending to be a macOS cryptocurrency ticker called CoinTicker is installing two backdoors on the macs of unsuspecting users.
A bug in Windows 10 allowed UWP apps (Universal Windows Platform) to have access to the entire file system in Windows without permission from the user. This could have allowed a malicious app to access any data stored on the computer without the knowledge or consent of the user.
As the infosec community talked about potential cyber attacks leveraging vulnerabilities in antivirus products, Microsoft took notes and started to work on a solution. The company announced that its Windows Defender can run in a sandbox.
Trend Micro has recently spotted an attacker that is scanning for exposed Docker Engine APIs and utilizing them to deploy containers that download and execute a coin miner. These containers then use scripts to spread to other systems.
Security researchers found a new DDoS-for-hire service that offers easy and cheap access to sufficient power to knock down most targets.
We have had quite a bit of interesting news this week regarding ransomware. First we had the Kraken Cryptor deciding to connect to BleepingComputer.com during different stages of the encryption process, then we had a decryptor released by Bitdefender for GandCrab v1, v4, and v5, and finally a new FilesLocker rasnomware as a service.
A vulnerability that is trivial to exploit allows privilege escalation to root level on Linux and BSD distributions using X.Org server, the open source implementation of the X Window System that offers the graphical environment.
In this deal you get access to 6 courses and over 45 hours in training on how to program in Python. Included in this bundle is a course that introduces you to using Python to detect and defeat online threats.
Despite North Korea's isolation from the rest of the world, the country's ruling elite use the internet to escape economic sanctions and to find and tackle new money-making opportunities, legal or not.
Attackers looking to increase the denial-service-power of their botnet have set their sights on servers with vulnerable Hadoop installations, compromising them via publicly available exploits.
Mozilla Firefox 63 was released this week with a bunch of new features such as enhanced tracking protection, Search Shortcuts, Tab Previews, synchronized Windows 10 themes, and security updates.
A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims.
While British Airways was investigating their September 2018 MageCart breach that at the time affected 380,000 customers, they have discovered that an additional 77,000 customers may have been affected.