Security News > 2023
Meta is introducing default end-to-end encryption for chats and calls across Messenger and Facebook, the company revealed on Wednesday. "We've introduced new privacy, safety and control features along the way like delivery controls that let people choose who can message them, as well as app lock, alongside existing safety features like report, block and message requests," said Loredana Crisan, Head of Messenger at Meta.
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution. The vulnerability affects Apache Struts versions 2.0.0 through 2.5.32 and 6.0.0 through 6.3.0.1, and has been fixed in Apache Struts versions 2.5.33 and 6.3.0.2.
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is...
Connect and protect your whole team with this mini router that offers 10,000 sq ft coverage and a built-in VPN for the low price of $599.99. The Mini by Routie is probably the easiest way to set up a guest network.
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to...
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable...
A trio of Polish security researchers claim to have found that trains built by Newag SA contain software that sabotages them if the hardware is serviced by competitors. Newag, a Polish train maker, emphatically denied that it installed such software in a statement issued Wednesday, attributing any issues to unknown hackers.
The good news for the rest of you is that December Patch Tuesday is usually light regarding CVEs reported. Exploitable across the internet, the vulnerability is ideal for a phishing exploit as it only requires the user to click on a malicious URL. A fix was included in the November Patch Tuesday updates and the CVE was reported as Known Exploited, but now it is Publicly Disclosed as well.
The Russian founder of the now-defunct Bitzlato cryptocurrency exchange has pleaded guilty, nearly 11 months after he was arrested in Miami earlier this year. Anatoly Legkodymov (aka Anatolii...
Like the modern data architecture itself, a modern data security approach must be flexible, scalable, and able to support numerous hybrid data ecosystems so that consumers can use multiple data consumption approaches. The need to implement flexible and scalable data security before data lands in the cloud data warehouse is forcing many data teams to adopt a "Shift left" approach to data security where data is safeguarded early in its journey from the source system.