Security News

A security firm's Vulnerability Research Team (VRT) found and reported a vulnerability in SoftNAS Cloud data storage. SoftNAS fixed the vulnerability last week, and details of the vulnerability...

The vulnerability allows attackers to run arbitrary commands as root, which clearly undermines the security of the SoftNAS Cloud platform and data stored on it.

Where possible, and especially for important accounts such as Office 365 and G Suite accounts, the prevailing advice for users is to enable two-factor authentication. Unfortunately, that security...

Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor...

The Face ID and Touch ID authentication feature introduced recently to WhatsApp for iOS can be easily bypassed, but a patch has been released. read more

Until this month, the Edge browser could bypass its own warnings about Flash content on 58 websites, thanks to a hidden list.

Six years after it was introduced, it looks as if Android’s Advertising ID (AAID) might no longer be the privacy forcefield Google claimed it would be.

Threat actors conducting Remote Desktop Protocol (RDP) attacks are increasingly using network tunneling and host-based port forwarding to bypass network protections, FireEye reports.  read more

A recently addressed vulnerability in Office 365 allowed attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes.  read more

A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means.