A week in security (February 4 – 8)
A roundup of security news from February 4 – 8, including Facebook’s secure messaging integration, Google’s changes to URLs, a scam involving the Kindle store and John Wick, and more.
A week in security (December 3 – 9)
A roundup of last week’s security news from December 3–9, including a new Mac malware, a new Flash zero-day vulnerability, a new Malwarebytes report focusing on current undetectable malware, and breaches that appeared left and right.
New Flash Player zero-day used against Russian facility
An APT group is using a new Flash Player zero-day that was used a lure targeting a Russian-based clinic
Holes found in Mojave’s privacy protection
Issues with the privacy protection features of macOS Mojave have already begun to appear, and may cause more problems than they solve.
Adobe Reader zero-day discovered alongside Windows vulnerability
A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.
Internet Explorer zero-day: browser is once again under attack
Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.
PSA: New Microsoft Word 0day used in the wild
Read more about the latest Microsoft Word Zero-Day and how to protect yourself against it.
OWASP top ten – Boring security that pays off
OWASP recently published a draft list of the top 10 security vulnerabilities of 2017. While intended for developers seeking to code more secure applications, the top 10 list is based on actual survey data of threats seen in the wild and serves as a great starting point for organizations struggling with security priorities. Let’s take a look and see how long they’ve been around prior to publication.
What is a zero day?
You have probably heard the term zero-day or zero-hour malware, but what exactly does it mean?
Tor Browser zero-day strikes again
A new zero-day has been found in the wild and was used against the popular Tor Browser. This exploit was meant to leak information about users, such as their IP address.