Security News > 2022 > June

Microsoft says it addressed a known issue that was causing all Microsoft Edge tabs running IE mode to stop responding if one of the opened sites displayed a modal dialog box after issuing a window. The IE mode problems affect devices running Windows 11, Windows 10, and Windows Server 2022 after installing the KB5014019, KB5014023, and KB5014021 optional preview cumulative updates.

How to transfer LastPass to Bitwarden We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. I want to demonstrate how this works by way of migrating from LastPass to Bitwarden.

The iOS application does not trigger any alert since it is signed with a certificate from a company named 3-1 Mobile SRL, enrolled in the Apple Developer Enterprise Program. The Android malicious software requires the targeted user to allow the installation of applications from unknown sources.

I did not attend WEIS this year, but Ross Anderson was there and liveblogged all the talks.

A Japanese contractor working in the city of Amagasaki, near Osaka, reportedly mislaid a USB drive containing personal data on the metropolis's 460,000 residents. It's unknown how good of a time the man had, but he did reportedly end up passing out in the street, Japanese news source NHK reported the company who employed him as saying, elaborating on an incident report from the Amagasaki city government.

Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and environment variables. All those credentials and metadata then get uploaded to one or more endpoints, and anyone on the web can see this.

China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure, citing national security concerns. CNKI is a privately-owned publishing company that maintains a monopoly on academic journal searches in China.

In this Help Net Security interview, Dawn Cappelly, Director of OT-CERT at the industrial cybersecurity company Dragos, talks about the OT security risks critical infrastructure organizations are facing, offers advice on how they can overcome obstacles that prevent them improving their cybersecurity posture, and explains how the recently set up OT-CERT she's heading can help asset owners and operators of industrial infrastructure. Although frameworks and best practices are emerging in OT security, organizations usually need to rely on OT security experts to assist in these assessments and remediation recommendations.

The latest APWG's Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks-the worst quarter for phishing observed to date. This quarter was the first time the three-month total has exceeded one million.

The UK's Information Commissioner's Office has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company that has already been on the wrong end of similar decisions from regulators in Italy, France and Australia. It's not just your face: Surveillance technology is expanding at such a pace that it's now possible to analyze the way you walk, your heartbeat, breathing pattern, and, controversially, emotions.