Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software. Attackers combine these …
Microsoft Warns of Widespread Phishing Attacks Using Open Redirects Read More »
The well-known and widely-used encryption library OpenSSL released a security patch earlier this week. Full article
This month, Apple announced several new features under the auspices of expanding its protections for young people, at least two of which seriously walk back the company’s longstanding commitment to protecting user privacy. One of …
Apple’s Plan to Scan Photos in Messages Turns Young People Into Privacy Pawns Read More »
Today, T-Mobile’s CEO Mike Sievert said that the hacker behind the carrier’s latest massive data breach brute forced his way through T-Mobile’s network after gaining access to testing environments. The attacker could not exfiltrate customer financial information, …
T-Mobile CEO: Hacker brute-forced his way through our network Read More »
Microsoft has warned that it has been tracking a widespread credential-phishing campaign that relies on open redirector links, while simultaneously suggesting it can defend against such schemes. Full article
Police around the country have drastically increased their use of geofence warrants, a widely criticized investigative technique that collects data from any user who was in a specified area within a certain time range, according …
An Explosion in Geofence Warrants Threatens Privacy Across the US Read More »
T-Mobile’s CEO has finally spoken out about the massive hack that exposed millions of customers’ sensitive information, apologizing for the leak and announcing a cybersecurity pact with Mandiant. CEO Mike Sievert on one hand sought …
T-Mobile CEO apologizes for massive hack, announces cybersecurity deal with Mandiant Read More »
Cisco announced recently that it will not be releasing software updates for a vulnerability with its Universal Plug-and-Play (UPnP) service in Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. The vulnerability allows unauthenticated, remote …
Cisco says it will not release software update for critical 0-day in EOL VPN routers Read More »
Cloudflare said it’s system managed to stop the largest reported DDoS attack in July, explaining in a blog post that the attack was 17.2 million requests-per-second, three times larger than any previous one they recorded. …
Cloudflare says it stopped the largest DDoS attack ever reported Read More »
Taiwan-based NAS maker Synology has revealed that recently disclosed remote code execution (RCE) and denial-of-service (DoS) OpenSSL vulnerabilities impact some of its products. “Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or execute arbitrary …
Synology: Multiple products impacted by OpenSSL RCE vulnerability Read More »
o protect our private communications from future attacks by quantum computers, Verizon is trialing the use of next-generation cryptography keys to protect the virtual private networks (VPNs) that are used every day by companies around …
The Linux kernel is turning 30 this year. That’s three decades of pioneering open source software, enabling users to run free software, to learn from the applications they’re running, and to share what they’ve learned …
30 things you didn’t know about the Linux kernel Read More »