Security News

The paperback version of A Hacker's Mind has just been published. This is the real reason I am posting this-Amazon has significantly discounted the hardcover to $15 to get rid of its stock.

Network-attached storage specialist QNAP has disclosed and released fixes for two new vulnerabilities, one of them a zero-day discovered in early November. Unit 42's assessment, on the other hand, was the polar opposite: "These remote code execution vulnerabilities affecting IoT devices exhibit a combination of low attack complexity and critical impact, making them an irresistible target for threat actors. As a result, protecting IoT devices against such threats is an urgent task."

On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days that are being leveraged by attackers in the wild. CVE-2024-21412 allows attackers to bypass the Microsoft Defender SmartScreen security feature with booby-trapped Internet Shortcut files.

A threat actor leaked 200,000 records on a hacker forum, claiming they contained the mobile phone numbers, email addresses, and other personal information of Facebook Marketplace users. IntelBroker claims this partial Facebook Marketplace database was stolen by someone using the 'algoatson' Discord handle after hacking the systems of a Meta contractor.

Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. Unless Integris Health met the attacker's demands, the stolen data would be sold to other cybercriminals on January 5, 2024.

Canada's Trans-Northern Pipelines has allegedly been infiltrated by the ALPHV/BlackCat ransomware crew, which claims to have stolen 190 GB of data from the oil distributor. ALPHV added Trans-Northern to its blackmail site on Tuesday and said the purloined files include "All important information."

Today is Microsoft's February 2024 Patch Tuesday, which includes security updates for 73 flaws and two actively exploited zero-days. The total count of 73 flaws does not include 6 Microsoft Edge flaws fixed on February 8th and 1 Mariner flaw.

Today is Microsoft's February 2024 Patch Tuesday, which includes security updates for 74 flaws and two actively exploited zero-days. The total count of 74 flaws does not include 6 Microsoft Edge and 1 Mariner flaw fixed on February 8th. To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5034765 cumulative update.

Microsoft has released the KB5034765 cumulative update for Windows versions 23H2 and 22H2 to fix several bugs in the OS, including an issue that causes problems with the Start menu. As this update contains the Microsoft February 2024 Patch Tuesday security updates, KB5034765 is mandatory for all Windows 11 users unless you delay its installation.

RoboForm has also undergone a third-party security audit that positively confirmed its security promises. RoboForm has its own password health dashboard called Security Center that gives you important data on the health of all your credentials.