A week in security (January 11 – January 17)
A roundup of the past week’s breaking security news, from January 11 to January 17th.
Keep Zoombombing cybercriminals from dropping a load on your meetings
In a zeitgeisty moment, Zoom has become the web conference tool of choice for everyone. Unfortunately, cybercriminals are taking note and Zoombooming the public. We show readers how to protect against this intrusion of privacy.
Windows 7 is EOL: What next?
Windows 7 is EOL, meaning it’s reached the end of its lifecycle. It’s time to move on to a more secure OS—but that doesn’t mean you no longer need security software.
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s
As the 2010s come to a close, we take a snarky walk down memory lane, listing the craziest, most impactful, or simply just awful cybersecurity fails of the decade.
Pulse VPN patched their vulnerability, but businesses are trailing behind
After a vulnerability in a popular business VPN solutions was discussed at length and an easy to use exploit is available, organizations still fail to apply the patch. What’s up?
New iOS exploit checkm8 allows permanent compromise of iPhones
A new exploit for iOS enables attackers to gain permanent access to iPhones, iPads, Apple Watches, and more—with zero potential for patching. Learn why this is possibly the biggest security news for iOS since its inception.
Five years later, Heartbleed vulnerability still unpatched
The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.
The Hidden Bee infection chain, part 1: the stegano pack
The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.
Exploit kits: summer 2019 review
In this edition of our seasonal review of exploit kits, we review active and unique EKs hitting consumers and businesses over the summer 2019 season.