A week in security (March 4 – 11)
A roundup of cybersecurity news from March 4–11, including a Chrome zero-day, Labs’ data privacy report, news from RSA, and more.
Google Chrome zero-day: Now is the time to update and restart your browser
A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google’s auto update feature, users will need to close and restart their browser in order to be protected.
A week in security (February 4 – 8)
A roundup of security news from February 4 – 8, including Facebook’s secure messaging integration, Google’s changes to URLs, a scam involving the Kindle store and John Wick, and more.
A week in security (December 3 – 9)
A roundup of last week’s security news from December 3–9, including a new Mac malware, a new Flash zero-day vulnerability, a new Malwarebytes report focusing on current undetectable malware, and breaches that appeared left and right.
New Flash Player zero-day used against Russian facility
An APT group is using a new Flash Player zero-day that was used a lure targeting a Russian-based clinic
Holes found in Mojave’s privacy protection
Issues with the privacy protection features of macOS Mojave have already begun to appear, and may cause more problems than they solve.
Adobe Reader zero-day discovered alongside Windows vulnerability
A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.
Internet Explorer zero-day: browser is once again under attack
Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.
PSA: New Microsoft Word 0day used in the wild
Read more about the latest Microsoft Word Zero-Day and how to protect yourself against it.
OWASP top ten – Boring security that pays off
OWASP recently published a draft list of the top 10 security vulnerabilities of 2017. While intended for developers seeking to code more secure applications, the top 10 list is based on actual survey data of threats seen in the wild and serves as a great starting point for organizations struggling with security priorities. Let’s take a look and see how long they’ve been around prior to publication.