Latest articles

DSA-4945 webkit2gtk
Booking your next holiday? Watch out for these Airbnb scams
Spam is Chipotle’s secret ingredient: Marketing email hijacked to dish up malware
Upcoming Android privacy changes include ability to blank advertising ID, and ‘safety section’ in Play store
Ubuntu 5027-1: PEAR vulnerability
Ubuntu 5026-1: QPDF vulnerabilities
Ubuntu 5025-2: libsndfile vulnerability
Smashing Security podcast #238: Fashion captain, fraud family, and DEF CON. D’oh!
openSUSE: 2021:2555-1 moderate: git
Ubuntu 5025-1: libsndfile vulnerability
Israeli authorities investigate NSO Group over Pegasus spyware abuse claims
Here’s a list of the flaws Russia, China, Iran and pals exploit most often, say Five Eyes infosec agencies
‘Woefully insufficient’: Biden administration’s assessment of critical infrastructure infosec protection
Over 100 Taiwanese political figures’ messages leaked outta LINE app
Microsoft researcher found Apple 0-day in March, didn’t report it
Fedora 34: webkit2gtk3 2021-cf7d8c7b1a
Security breaches where working from home is involved are costlier, claims IBM report
Most Twitter users haven’t enabled 2FA yet, report reveals
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
Reboot of PunkSpider Tool at DEF CON Stirs Debate
Iranian state-backed hackers posed as flirty Scouser called Marcy to target workers in defence and aerospace
Ubuntu 5024-1: WebKitGTK vulnerabilities
Podcast: Why Securing Active Directory Is a Nightmare
UK’s National Cyber Security Centre needs its posh Westminster digs, says Cabinet Office, because of WannaCry
Google revamps bug bounty program
Biden warns ‘real shooting war’ will be sparked by severe cyber attack
RedHat: RHSA-2021-2932:01 Moderate: rh-nodejs14-nodejs and
RedHat: RHSA-2021-2931:01 Moderate: rh-nodejs12-nodejs and
Tencent suspends signups to WeChat, citing ‘security upgrade’ and need to comply with Chinese laws
eBay ex-security boss sent down for 18 months for cyber-stalking, witness tampering
Fedora 34: golang 2021-25c0011e78
No More Ransom Saves Victims Nearly €1 billion Over 5 Years
Misconfigured Azure Blob at Raven Hengelsport exposed records of 246,000 anglers – and took months to tackle, claim infosec researchers
Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam
RedHat: RHSA-2021-2438:01 Moderate: OpenShift Container Platform 4.8.2 bug
RedHat: RHSA-2021-2437:01 Moderate: OpenShift Container Platform 4.8.2
Tech biz must tell us about more security breaches, says as it ponders lowering report thresholds
SciLinux: SLSA-2021-2845-1 Important: java-1.8.0-openjdk on SL7.x x86_64
SciLinux: SLSA-2021-2784-1 Important: java-11-openjdk on SL7.x x86_64
Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS
Zimbra Server Bugs Could Lead to Email Plundering
Despite all the advice, 97.7% of Twitter users have still not enabled two-factor authentication
Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers
Apple emergency zero-day fix for iPhones and Macs – get it now!
Apple Patches Actively Exploited Zero-Day in iOS, MacOS
Compsci student walks off with $50,000 after bug bounty report blows gaping hole in Shopify software repos
Data controls in the DevSecOps life cycle
openSUSE: 2021:2474-1 important: qemu
Patch your iPhones and Macs against “actively exploited” zero-day right now
It takes intuition and skill to find hidden evidence and hunt for elusive threats