reader comments 60 with 40 posters participating Share this story Hackers are attempting to exploit a recently discovered backdoor built into multiple Zyxel device models that hundreds of thousands of individuals and businesses use as VPNs, firewalls, and wireless access points. The backdoor comes in the form of an undocumented user account with full administrative… Read More »
reader comments 15 with 14 posters participating Share this story 2020 was a tough year for a lot of reasons, not least of which were breaches and hacks that visited pain on end users, customers, and the organizations that were targeted. The ransomware menace dominated headlines, with an endless stream of compromises hitting schools, governments,… Read More »
reader comments 43 with 39 posters participating Share this story Three dozen journalists had their iPhones hacked in July and August using what at the time was an iMessage zero-day exploit that didn’t require the victims to take any action to be infected, researchers said. The exploit and the payload it installed were developed and… Read More »
Getty Images reader comments 40 with 25 posters participating Share this story Cisco has patched its Jabber conferencing and messaging application against a critical vulnerability that made it possible for attackers to execute malicious code that would spread from computer to computer with no user interaction required. Again. The vulnerability, which was first disclosed in… Read More »
reader comments 90 with 58 posters participating Share this story Dozens of radiology products from GE Healthcare contain a critical vulnerability that threatens the networks of hospitals and other health providers that use the devices, officials from the US government and a private security firm said on Tuesday. The devices—used for CT scans, MRIs, X-Rays,… Read More »
Enlarge / This image was the profile banner of one of the accounts allegedly run by the Internet Research Agency, the organization that ran social media “influence campaigns” in Russia, Germany, Ukraine, and the US dating back to 2009. A Russian troll reader comments 5 with 5 posters participating Share this story The National Security… Read More »
reader comments 33 with 33 posters participating Share this story Android apps with hundreds of millions of downloads are vulnerable to attacks that allow malicious apps to steal contacts, login credentials, private messages, and other sensitive information. Security firm Check Point said that the Edge Browser, the XRecorder video and screen recorder, and the PowerDirector… Read More »
Enlarge / That’s a lot of screen. Samuel Axon reader comments 144 with 106 posters participating Share this story Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required… Read More »
reader comments 27 with 19 posters participating Share this story Attackers are targeting a recently patched Oracle WebLogic vulnerability that allows them to execute code of their choice, including malware that makes servers part of a botnet that steals passwords and other sensitive information. WebLogic is a Java enterprise application that supports a variety of… Read More »
reader comments 18 with 15 posters participating Share this story Google’s project zero says that hackers have been actively exploiting a Windows zeroday that isn’t likely to be patched until almost two weeks from now. In keeping with long-standing policy, Google’s vulnerability research group gave Microsoft a seven-day deadline to fix the security flaw because… Read More »