Security News > 2022

Microsoft has released emergency out-of-band updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday. All OOB updates released today are available for download on the Microsoft Update Catalog, and some of them can also be installed directly through Windows Update as optional updates.

Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases as part of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification called private network access.

Microsoft Edge has added a new feature to the Beta channel that will mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities. "This feature is a huge step forward because it lets us mitigate unforeseen active zero days," Microsoft explains.

The maintainers of a "Disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam.

The maintainers of a "Disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam.

A UK-based scammer who preyed on nearly 700 women and conned nine of them out of £20,000, has been sent to prison. Romance scammers, just like fraudsters who talk you into investing in bogus cryptocurrency schemes, trick their victims person-to-person by building up a facade based on trust, behind which the criminals persuade their victims to send money of their own accord.

An improperly implemented API that stores data on browsers has caused a vulnerability in Safari 15 that leaks user internet activity and personal identifiers. The Safari bug can then expose publicly available information from, say, a Google account.

Zoho has addressed a new critical severity vulnerability that affects the company's Desktop Central and Desktop Central MSP unified endpoint management solutions. ManageEngine Desktop Central is an endpoint management platform that allows admins to deploy patches and software over the network and troubleshoot them remotely.

Zoho has addressed a new critical severity vulnerability that affects the company's Desktop Central and Desktop Central MSP unified endpoint management solutions. ManageEngine Desktop Central is an endpoint management platform that allows admins to deploy patches and software over the network and troubleshoot them remotely.

DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth. Phishing campaigns impersonating the brand have good chances of reaching people who are waiting for a DHL package to arrive during the holiday season.