Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Gun Database Breach Leaks Details on Thousands of Owners

Plus: Indian hacker-for-hire groups, Chinese student espionage efforts, and more.

Wired
Open in Source
#android#windows#apple#google#microsoft#git#chrome
Report Claims Coinbase Selling User Geolocation Data to ICE

By Deeba Ahmed Tech Inquiry’s Jack Paulson has shared startling details about a 3-year contract between the US Department of Homeland… This is a post from HackRead.com Read the original post: Report Claims Coinbase Selling User Geolocation Data to ICE

Google Improves Its Password Manager to Boost Security Across All Platforms

Google on Thursday announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a "simplified and unified management experience that's the same in Chrome and Android settings," Ali Sarraf, Google Chrome product manager, said in a blog post. The updates are also expected to automatically

18 Zero-Days Exploited So Far in 2022

It didn't have to be this way: So far 2022's tranche of zero-days shows too many variants of previously patched security bugs, according Google Project Zero.

Threat Source newsletter (June 30, 2022) — AI voice cloning is somehow more scary than deepfake videos

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  We took a week off for summer vacation but are back in the thick of security things now.  My first exposure to deepfake videos was when Jordan Peele worked with BuzzFeed News to produce this video of... [[ This is only the beginning! Please visit the blog for the complete entry ]]

U.S. FCC Commissioner Asks Apple and Google to Remove TikTok from App Stores

One of the commissioners of the U.S. Federal Communications Commission (FCC) has renewed calls asking for Apple and Google to boot the popular video-sharing platform TikTok from their app stores citing "its pattern of surreptitious data practices." "It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing's apparently

CVE-2021-40663: Prototype Pollution in deep.assign npm package · Issue #1 · janbialostok/deep-assign

deep.assign npm package 0.0.0-alpha.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution').

A Guide to Surviving a Ransomware Attack

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.

You Need to Update Windows and Chrome Right Now

Plus: Google issues fixes for Android bugs, and Cisco, Citrix, SAP, WordPress, and more issue major patches for enterprise systems.

CVE-2017-20120: Offensive Security’s Exploit Database Archive

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.