Security News > 2020 > May
Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can. The SSLab trio also found CVE-2020-9801 in Safari that can be exploited by malware already running on a Mac to force the browser to open another application.
Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can. The SSLab trio also found CVE-2020-9801 in Safari that can be exploited by malware already running on a Mac to force the browser to open another application.
Protecting your Linux servers against SYN attacks and IP spoofing isn't nearly as hard you think. Jack Wallen shows you how.
Crowdsourced security testing provider Synack on Thursday announced that it closed a $52 million Series D funding round, bringing the total raised by the company to $112.1 million. Founded in 2013, Synack gathers cybersecurity talent to help organizations identify vulnerabilities in their assets.
Sometimes hackers are given more leeway based on why they hack. In a blog post published Thursday, Check Point detailed the exploits of a hacker self-dubbed "VandaTheGod," describing how this person turned from hacktivist to cybercriminal before being identified and reported to law enforcement.
Researchers at cybersecurity company Check Point said on Thursday that they have found the real identity of VandaTheGod, a Brazilian hacker involved in both hacktivist operations and financially-motivated cybercrimes. Check Point told SecurityWeek that it informed law enforcement about its findings in October 2019, but the hacker continued to be active up until May 2020.
Recent versions of the Valak malware have been used in attacks targeting Microsoft Exchange servers at organizations in the United States and Germany, Cybereason's Nocturnus researcher team warns. Discovered in late 2019, when it was used as a loader for malware such as Ursnif and IcedID, Valak has evolved into a sophisticated piece of malware that can be used as an information stealer, targeting individuals and enterprises alike.
The latest Naked Security podcast is out now!
Threat actors have revamped a popular malware loader into a stealthy infostealer that targets Microsoft Exchange servers to pilfer enterprise mailing information, passwords and enterprise certificates, researchers have found. Valak was first observed as a loader in 2019 but has now gone through "a series of dramatic changes, an evolution of over 30 different versions in less than six months," Cybereason Nocturnus researchers Eli Salem, Lior Rochberger and Assaf Dahan said in a report posted online Thursday.
Roberto Escobar's company has reportedly filed a $2.6 billion lawsuit against Apple for purportedly having lame-o security - security so bad, his address purportedly got leaked through FaceTime and has led to subsequent assassination attempts. According to TNW and TMZ, former accountant and co-founder of the Medellín drug cartel Roberto Escobar, brother to the now deceased drug kingpin Pablo Escobar, is claiming that his iPhone X nearly killed him.