Unsecured Microsoft Bing Server Leaks Search Queries, Location Data
Data exposed included search terms, location coordinates, and device information – but no personal data.
DHS Issues Dire Patch Warning for ‘Zerologon’
The deadline looms for U.S. Cybersecurity and Infrastructure Security Agency’s emergency directive for federal agencies to patch against the so-called ‘Zerologon’ vulnerability.
Firefox for Android Bug Allows ‘Epic Rick-Rolling’
Anyone on the same Wi-Fi network can force websites to launch, with no user interaction.
Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords
A new Android malware strain has been uncovered, part of the Rampant Kitten threat group’s widespread surveillance campaign that targets Telegram credentials and more.
The TikTok Ban: Security Experts Weigh in on the App’s Risks
With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.
Stubborn WooCommerce Plugin Bugs Get Third Patch
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.
SecOps Teams Wrestle with Manual Processes, HR Gaps
Enterprise security teams are “drowning in alerts.”
Security Takeaways from the Great Work-from-Home Experiment
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.
Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach
Maze continues to adopt tactics from rival cybercrime gangs.
Apple Bug Allows Code Execution on iPhone, iPad, iPod
Release of iOS 14 and iPadOS 14 brings fixes 11 bugs, some rated high-severity.