New UEFI firmware flaws impact over 70 Lenovo laptop models
2022-07-13 16:15

The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations. Lenovo has issued a security advisory disclosing three medium severity vulnerabilities tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892.

X.org servers update closes 2 security holes, adds neat component tweaks
2022-07-13 16:00

A batch of updates to X.org's suite of X11 servers and components just appeared. Among the new features, there were also fixes for two security holes mentioned in an X.org Foundation security advisory, which covers CVE-2022-2319 and CVE-2022-2320.

New Android malware on Google Play installed 3 million times
2022-07-13 15:00

A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times. The malware, named 'Autolycos,' was discovered by Evina's security researcher Maxime Ingrao to be in at least eight Android applications, two of which are still available on the Google Play Store at the time of this writing.

20 VPN subscriptions and bundles on sale now
2022-07-13 14:41

Ivacy VPN is known for delivering access to more than 1,000 servers in 100+ locations worldwide as well as many security features, including powerful 256-bit encryption, P2P file-sharing and more. SurfShark offers 10 Gbps VPN servers for an even faster connection.

$8 million stolen in large-scale Uniswap airdrop phishing attack
2022-07-13 14:36

Uniswap, a popular decentralized cryptocurrency exchange, lost close to $8 million worth of Ethereum in a sophisticated phishing attack yesterday. 1/ Yesterday, some Uniswap LPs unfortunately fell for a phishing scam, a problem far too common in crypto today.

New Windows Remote Help app supports remote and hybrid employees
2022-07-13 14:18

Remote Help relies on Azure Active Directory for that, showing the profile photo, company details, job title, email address and other information from Azure AD, so users know they can trust the person helping them, and IT staff know more about who they're helping, which may be useful for solving their problem. Remote Help uses Endpoint Manager's role-based access controls, so admins can manage permissions to choose who can help which users and what they can do.

Nearly half of enterprise endpoint devices present significant security risks
2022-07-13 14:00

Device sprawl is becoming a costly security headache with the average enterprise now managing approximately 135,000 endpoint devices, a new report finds.

Large-Scale Phishing Campaign Bypasses MFA
2022-07-13 11:45

AiTM phishing steals the session cookie, so the attacker gets authenticated to a session on the user's behalf regardless of the sign-in method the latter uses, researchers said. Attackers are getting wise to organizations' increasing use of MFA to better secure user accounts and creating more sophisticated phishing attacks like these that can bypass it, noted a security professional.

Post-Roe Privacy
2022-07-13 11:00

"Taken together, this means the primary digital threat for people who take abortion pills is the actual evidence of intention stored on your phone, in the form of texts, emails, and search/web history. Cynthia Conti-Cook's incredible article "Surveilling the Digital Abortion Diary" details what we know now about how digital evidence has been used to prosecute women who have been pregnant. As Conti-Cook says, Ms. Fisher "Conduct[ed] internet searches, including how to induce a miscarriage, 'buy abortion pills, mifepristone online, misoprostol online,' and 'buy misoprostol abortion pill online,'" and then purchased misoprostol online.

Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
2022-07-13 10:53

A massive phishing campaign has been targeting Office 365 users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication set up to protect the accounts. The attackers use proxy servers and phishing websites to steal users' passwords and session cookies.