Security News > 2021

Google is rolling out a new 'Tab Search' feature that allows you to search through your list of open tabs among all open browser windows to find a specific page. If you are like me and commonly have a large number of tabs open simultaneously, you can use the Tab Search feature to search for a particular page among your sea of open tabs.

China's government on Thursday called on Washington to drop efforts to expel three state-owned Chinese phone companies from the United States in a new clash over technology and security. The United States should "Stop the wrong practice of generalizing the concept of national security and politicizing economic issues" and "Stop abusing state power to unreasonably suppress Chinese enterprises," said a ministry spokesman, Zhao Lijian.

Microsoft is testing a fix for performance issues in Microsoft Edge's DNS-over-HTTPS feature and has once again enabled a list of suggested DoH servers. DNS-over-HTTPS allows DNS resolution to be performed over an encrypted HTTPS connection rather than through normal plain text DNS lookups.

Project Zero, Google's zero-day bug-hunting team, discovered a group of hackers that used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year. The Project Zero team revealed that the hacking group behind these attacks ran two separate campaigns, in February and October 2020.

Microsoft is now classifying Windows Terminal as an inbox app, which means that it will now ship by default in upcoming versions of Windows 10. Starting with Windows 10 Insider build 21337, Microsoft has classified Windows Terminal as an inbox app, which means it will be automatically installed as an essential application.

Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks. Dubbed "XcodeSpy," the trojanized Xcode project is a tainted version of a legitimate, open-source project available on GitHub called TabBarInteraction that's used by developers to animate iOS tab bars based on user interaction.

Dnwls0719 found a new Rapid ransomware variant that appends the. Xiaopao found a new variant of the Xorist ransomware that appends the.

Squid ink. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full control over a vulnerable system.

Sony's new PS5 is one topic ripe for exploitation, especially since the new console is in short supply due to a scarcity of semiconductor chips. A Friday report from security firm Kaspersky explains how a new scam promising a PS5 is playing out and offer tips on how to avoid taking the bait.