Categories
Tech

PEGASUS: WHAT IS THE ISRAELI SPYWARE AND HOW CAN YOU TELL IF IT’S ON YOUR PHONE?

Military-grade spyware Pegasus, used to infiltrate the smartphones of at least 40 journalists in India, has been around since at least 2016 and is one of the most sophisticated hacking tools capable of extracting information from mobile devices.

Categories
Tech

Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw

Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks.


Categories
Tech

Malicious PDFs Flood the Web, Lead to Password-Snarfing

SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware.


Categories
Tech

Ten-Year Old Sudo Vulnerability Gives Root Privileges on Host

A major security hole in the Sudo utility could be abused by unprivileged users to gain root privileges on the vulnerable host, Qualys reports.


Categories
Tech

Hackers breached U.S. government agencies via compromised SolarWinds Orion software

 

A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA), other government agencies and private sector companies (including, apparently, FireEye) via compromised SolarWinds Orion software.


Categories
Tech

FireEye hack: Cybersecurity firm says nation-state stole attacking tools

 

“This attack is different from the tens of thousands of incidents we have responded to throughout the years,” the firm says in an SEC filing.


Categories
Tech

Website Security Breach Exposes 1 Million DNA Profiles

 

A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies.


Categories
Tech

Critical, Wormable Bug in Windows DNS Servers Could Allow Full Infrastructure Compromise

 

Exploitation Would Grant Attacker Domain Administrator Rights That Could Compromise Entire Corporate Infrastructure


Categories
Tech

Work From Home Opens New Remote Insider Threats

 

Remote work is opening up new insider threats – whether it’s negligence or malicious employees – and companies are scrambling to stay on top of these unprecedented risks.


Categories
Tech

NSA Publishes Recommendations on Securing IPsec VPNs

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).