DHS Issues Dire Patch Warning for ‘Zerologon’
The deadline looms for U.S. Cybersecurity and Infrastructure Security Agency’s emergency directive for federal agencies to patch against the so-called ‘Zerologon’ vulnerability.
Source: Threadpost
Firefox for Android Bug Allows ‘Epic Rick-Rolling’
Anyone on the same Wi-Fi network can force websites to launch, with no user interaction.
Source: Threadpost
Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords
A new Android malware strain has been uncovered, part of the Rampant Kitten threat group's widespread surveillance campaign that targets Telegram credentials and more.
Source: Threadpost
The TikTok Ban: Security Experts Weigh in on the App’s Risks
With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.
Source: Threadpost
Stubborn WooCommerce Plugin Bugs Get Third Patch
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.
Source: Threadpost
SecOps Teams Wrestle with Manual Processes, HR Gaps
Enterprise security teams are "drowning in alerts."
Source: Threadpost
Security Takeaways from the Great Work-from-Home Experiment
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.
Source: Threadpost
Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach
Maze continues to adopt tactics from rival cybercrime gangs.
Source: Threadpost
Mozi Botnet Accounts for Majority of IoT Traffic
Mozi’s spike comes amid a huge increase in overall IoT botnet activity.
Source: Threadpost
Apple Bug Allows Code Execution on iPhone, iPad, iPod
Release of iOS 14 and iPadOS 14 brings fixes 11 bugs, some rated high-severity.
Source: Threadpost