CISA Director Jen Easterly says the Log4j flaw likely affects hundreds of millions of devices and may be the most serious bug she has seen in her career
A vulnerability in a widely used Apache library … Ncsc-Nl / GitHub : Log4j overview related software Kyle Alspach / VentureBeat : Log4j exploits attempted on 44% of corporate networks; ransomware payl...
A Windows 10 and Windows 11 exploit allows an attacker with physical access to gain SYSTEM privileges, bypassing Microsoft's patch from earlier this month
Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild Brittany A. Roston / SlashGear : All Windows PCs at risk after Microsoft fails to fix zero-day exploit Elizabeth Montalbano / Thre...
Google has patched an actively exploited zero-day vulnerability in its Chrome 88 update
update now Ryan Naraine / SecurityWeek : Google Chrome, Microsoft IE Zero-Days in Crosshairs Gareth Corfield / The Register : Chrome zero-day bug that is actively being abused by bad folks affects Edg...
Leaked dataset from a location data company with a log of the movements of 12M+ Americans shows how “anonymous” location data can be used to track people
and it's not hard to figure out who you are Whitney Kimball / Gizmodo : Holy Shit, Reportedly Jerry Hildenbrand / Android Central : Your phone tracks your every move and there is nothing you can do ab...
D-Link won't patch a remote exploit in four of its routers, saying they are end-of-life, despite some being discontinued in 2018 and still being sold on Amazon
Paul Wagenseil / Tom's Guide :
An in-depth look at five iOS exploit chains that were used in hacked websites for carrying out watering hole attacks against devices running iOS 10 through 12
In the earlier posts we examined … Ian Beer / Project Zero : In-the-wild iOS Exploit Chain 1 Patrick Howell O'Neill / MIT Technology Review : Websites have been quietly hacking iPhones for years, says...
In the earlier posts we examined … Ryan Whitwam / ExtremeTech : Google Discovered Malicious Websites Used to Hack iPhones for Years Jon Porter / The Verge : Google reveals major iPhone security flaws ...
Apple restores Google's internal iOS apps after certificate misuse punishment
and it made a powerful point Scott Rosenberg / Axios : Tech giants are the new gatekeepers Wall Street Journal : Apple Exerts Power as Privacy Protector Enrique Dans / Forbes : Google Vs. Facebook: Si...
House votes 256 to 164 to extend Section 702 FISA warrantless surveillance program for six years with minimal changes; bill now proceeds to the Senate
Why It's a Good Thing That Dropbox Is Going Public Charlie Savage / New York Times : Surveillance and Privacy Debate Reaches Pivotal Moment in Congress Louise Matsakis / Wired : Congress Renews Warran...
New “Bad Rabbit” ransomware targets corp networks in Ukraine, Turkey, Germany, infects devices through hacked Russian media sites using NotPetya-type methods
There is a connection between Bad Rabbit and Not Petya Waqas / HackRead : Bad Rabbit ransomware spreading like wildfire but there is a way out Dell Cameron / Gizmodo : ‘Bad Rabbit’ Ransomware Strikes ...