CISA Director Jen Easterly says the Log4j flaw likely affects hundreds of millions of devices and may be the most serious bug she has seen in her career
A vulnerability in a widely used Apache library … Ncsc-Nl / GitHub : Log4j overview related software Kyle Alspach / VentureBeat : Log4j exploits attempted on 44% of corporate networks; ransomware payl...
A Windows 10 and Windows 11 exploit allows an attacker with physical access to gain SYSTEM privileges, bypassing Microsoft's patch from earlier this month
Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild Brittany A. Roston / SlashGear : All Windows PCs at risk after Microsoft fails to fix zero-day exploit Elizabeth Montalbano / Thre...
Google has patched an actively exploited zero-day vulnerability in its Chrome 88 update
update now Ryan Naraine / SecurityWeek : Google Chrome, Microsoft IE Zero-Days in Crosshairs Gareth Corfield / The Register : Chrome zero-day bug that is actively being abused by bad folks affects Edg...
MalwareBytes: an Android phone offered free by Assurance Wireless as part of the US Lifeline Assistance program comes pre-installed with Chinese malware
With help from John Hendel and Eric Geller Paul Wagenseil / Tom's Guide : ‘Obamaphones’ come preloaded with malware Catalin Cimpanu / ZDNet : Unremovable malware found preinstalled on low-end smartpho...
Leaked dataset from a location data company with a log of the movements of 12M+ Americans shows how “anonymous” location data can be used to track people
and it's not hard to figure out who you are Whitney Kimball / Gizmodo : Holy Shit, Reportedly Jerry Hildenbrand / Android Central : Your phone tracks your every move and there is nothing you can do ab...
D-Link won't patch a remote exploit in four of its routers, saying they are end-of-life, despite some being discontinued in 2018 and still being sold on Amazon
Paul Wagenseil / Tom's Guide :
Chaos Computer Club hackers say they have defeated Samsung Galaxy S8's iris recognition system using a photo of victim's iris
Biometrics on smartphones … Ian Morris / Forbes : Samsung Galaxy S8 Iris Scanner Hacked In Three Simple Steps Corbin Davenport / Android Police : Members of the Chaos Computer Club have cracked the Ga...
New tool decrypts WannaCry-infected computers running Windows XP, 7, and 2003, if they have not been rebooted
if you work fast Brad Linder / Liliputing : Do not reboot your PC if you get WannaCry ransomeware - try this instead Matt Suiche / Comae Technologies : WannaCry — Decrypting files with WanaKiwi + Demo...