“Microsoft has disrupted a massive hacking operation that it said could have indirectly affected election infrastructure if allowed to continue.”
Apple pays $288,000 to white-hat hackers who had run of company’s network
“For months, Apple’s corporate network was at risk of hacks that could have stolen sensitive data from potentially millions of its customers and executed malicious code on their phones and computers, a security researcher said on Thursday.”
T2 security chip on Macs can be hacked to plant malware; cannot be patched
“Security researchers have confirmed speculation that the T2 security chip on modern Macs can be hacked. A combination of two different exploits would give a hacker the ability to modify the behavior of the chip, and even plant malware like a keylogger inside it.”
Microsoft Security Report Highlights New Sophisticated Threats From Nation State Actors
“If it wasn’t clear that cybersecurity is the new frontier in our evermore-connected world, a recent report from Microsoft, entitled the “Digital Defense Report,” details how rapidly escalating security threats are growing in sophistication and pervasiveness from nation state actors in China, I”
Federal Trade Commission officials warn of phishing text message scam
“For those shopping online, be aware of scammers who are sending text messages about a package for you. Although it may seem real, it’s just another phishing attempt. Phishing is the fraudulent attempt to get sensitive information by disguising oneself as a trustworthy entity through technology.”
QNAP tells NAS users to update firmware to avoid new type of ransomware
“Taiwanese hardware vendor QNAP urged customers last week to update the firmware and apps installed on their network-attached storage (NAS) devices to avoid infections with a new strain of ransomware named AgeLocker.”
One of this year’s most severe Windows bugs is now under active exploit
“One of the highest-impact Windows vulnerabilities patched this year is now under active exploitation by malicious hackers, Microsoft warned overnight, in a development that puts increasing pressure on laggards to update now.”
New Windows exploit lets you instantly become admin. Have you patched?
“Researchers have developed and published a proof-of-concept exploit for a recently patched Windows vulnerability that can allow access to an organization’s crown jewels—the Active Directory domain controllers that act as an all-powerful gatekeeper for all machines connected to a network.”
Why vishing is the new phishing and how to guard against it [Q&A]
“We’re all familiar with the menace of phishing but, particularly following the recent Twitter attack, other methods of stealing credentials have been on the rise. These include ‘smishing’ (phishing via SMS) and ‘vishing’ (phishing by voice call).”
The death of remote access VPN
“Remote Access VPN, also known as business VPN, is an important technology that has been around for decades. It allows remote workers to connect their devices to the company network over the public internet; thus allowing them to function as if they were inside the corporate network.”