Apple has released updates patching two critical vulnerabilities recently discovered. An application is able to use this vulnerability to run malicious code and gain Kernel privilege, which is the highest privilege allowing full control of the device. These vulnerabilities may have been previously exploited by hackers in likely targeted attacks. The affected devices include: macOS…

Continue Reading

VMware has released patches for bugs and vulnerabilities, including a critical authentication bypass bug. This bug allowed a user to gain administrator privileges without authentication. Products affected include VMware Workspace ONE, VMware Identity Manager, vRealize Automation, Cloud Foundation, and vRealize Suite Lifecycle Manager software programs. Many of the patches have at least a moderate CVS…

Continue Reading

Mangatoon, the manga and comic reading platform, has suffered a data breach exposing the data of over 20 million accounts. The hacker was able to steal this data by accessing an unsecured or misconfigured database. BleepingComputer in their report was able to confirm their hack method and was able to verify a data sample to…

Continue Reading

Apple has announced it is working in a new feature called “Lockdown Mode.” This new feature will protect users from different types of cyberattacks, especially highly targeted spyware. Along with a grant for spyware threat research, these new additions are part of their initiative to protect users from highly targeted cyberattacks. Lockdown Mode, when turned…

Continue Reading

As environments and networks grow and become more complex, it is more critical to secure those busy networks and different devices. Microsoft has announced that Microsoft Defender for Endpoint will offer additional security for Android and iOS devices. Extra features like alerts for vulnerabilities, rouge devices, and protection for wireless (Wi-Fi) networks. Learn more about…

Continue Reading

A new malware has been going around targeting content creators of YouTube. Reported by researchers at Intezer, YTStealer is likely being sold and distributed as MaaS (or Malware-as-a-Service). It’s goal is to steal authentication cookies from YouTube content creators. Many of the files in the malware are disguised as legitimate applications, specifically software typically used…

Continue Reading

Thousands of websites have been found to be infected with malicious code that redirects unsuspecting users. The malware compromises the websites through vulnerable themes or plugins. In a report by Sucuri, they explained how they’ve followed this malware campaign and found the websites with similar code injection to .KS (JavaScript) files. The code injection is…

Continue Reading