Security News > 2023 > February

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Apple has just released updates for all supported Macs, and for any mobile devices running the very latest versions of their respective operating systems. Apparently, tvOS recently received a product-specific functionality fix that already used up the version number 16.3.1 for Apple TVs. As we've seen before, mobile devices still using iOS 15 and iOS 12 get nothing, but whether that's because they're immune to this bug or simply that Apple hasn't got round to patching them yet.

It's Microsoft's February 2023 Patch Tuesday, and the new Windows 10 KB5022834 and KB5022840 cumulative updates are now available for versions 22H2, version 21H2, version 21H1, and 1809 to fix problems in the operating system. These updates are mandatory as they contain security updates fixed as part of Microsoft's Patch Tuesday.

Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of 77 flaws. This month's Patch Tuesday fixes three actively exploited zero-day vulnerabilities used in attacks.

Microsoft says the Internet Explorer 11 desktop web browser will be disabled on some Windows 10 systems starting today via a Microsoft Edge update. "As previously announced, the out-of-support Internet Explorer 11 desktop application will be permanently disabled on certain versions of Windows 10 starting today, February 14, 2023," Microsoft said.

A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. The packages were uploaded onto NPM, an online repository containing over 2.2 million open-source JavaScript packages shared among software developers to speed up the coding process.

Google on Tuesday began rolling out a beta test of its Privacy Sandbox software for a small portion of Android 13 devices to learn how its purportedly privacy-protecting ad tech actually performs. Google began working on its Privacy Sandbox in 2019 and its Android iteration surfaced a year ago.

This is a current list of where and when I am scheduled to speak: I’m speaking at Mobile World Congress 2023 in Barcelona, Spain, on March 1, 2023 at 1:00 PM CET. I’m speaking on “How to Reclaim...

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation," Sucuri researcher Ben Martin said in a report published last week.

The healthcare provider giant said on Monday that Fortra issued an alert saying that it had "Experienced a security incident" leading to some CHS data being compromised. A subsequent investigation revealed that the resulting data breach affected the personal and health information of up to 1 million patients.