AnyDesk Compromised, Passwords Revoked
AnyDesk, which provides a remote desktop application providing access, file transfer, and VPN functionality for endpoints, has announced that its production systems have been compromised, and that it plans to revoke all its security-related certificates and reset all Web portal passwords as a precaution. The company assured its customers in a statement released late on…
Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates
Portable computers running Google’s ChromeOS, Chromebooks have been in users’ hands since 2012, and have become one of the most used types of devices within the education sector. To prolong their lives and ensure they remain secure to use, Google said it plans to extend the automatic security updates period for some of these devices,…
Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List
A five-year old vulnerability in Fortinet SSL VPNs remains one of the most widely exploited flaws in enterprise networks, despite repeat patch warnings. So say cybersecurity officials across the U.S. and its Five Eyes intelligence alliance partners in a new joint security advisory detailing the 12 most common vulnerabilities and exposures that were most “routinely…
Samsung Patches Memory Address Randomization Bypass Flaw
Android smartphone device manufacturer Samsung has a patch for a flaw used by commercial surveillance hackers to implant malware in the United Arab Emirates. Security researchers at Google and Amnesty International in March reported an exploit chain apparently developed by Barcelona spyware vendor Variston to deploy a surveillance malware to devices located in the UAE….
NLBrute Malware Developer Pleads Not Guilty in US Court
A Russian national accused by U.S. federal prosecutors of developing an application for decrypting login credentials pleaded not guilty during a first appearance in Tampa federal court. The man, Dariy Pankov – also known as “dpxaker” – faces seven criminal counts including conspiracy, access device fraud and computer fraud. On Wednesday in the courthouse for…
Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks
The operating system update, released as part of Microsoft’s scheduled Patch Tuesday, addresses a flaw that lets malicious attackers use rigged files to evade MOTW (Mart of the Web) defenses. “An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability…
Apple Fixes Exploited Zero-Day With iOS 16.1 Patch
The Cupertino device maker confirmed the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks. “An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited,” Apple said…
Malwarebytes Launches MDR Solution for SMBs
Endpoint detection and response (EDR) specialist provider Malwarebytes has launched a new managed detection and response (MDR) solution to bring threat and incident detection to the SMB market. SMBs are heavily targeted by malicious actors because they are often considered to be the soft underbelly of opportunity. The MDR solution combines the security firm’s EDR…
Intel Confirms UEFI Source Code Leak as Security Experts Raise Concerns
Last week, someone announced leaking source code associated with the Alder Lake BIOS — Alder Lake is Intel’s codename for its 12th generation Core processors. The files total nearly 6 Gb and they were made public on GitHub and other websites. Mark Ermolov, a security researcher who specializes in Intel products, analyzed the leaked code…
RealDefense Raises $30 Million to Acquire More Privacy, Cybersecurity Firms
Founded in 2017, the Pasadena, California-based firm provides organizations with privacy, cybersecurity, and optimization solutions for PC, Mac, and mobile devices. The firm offers software and services tailored for consumers and small businesses and has a global presence in 33 countries, claiming to have more than one million customers. Additionally, RealDefense offers an M&A playbook…
