Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Meet Jessica Scherlag: Senior Manager of Social Media and Engagement
Jessica Scherlag discusses the importance of social media platforms, her unconventional career path, and the benefits of pushing past your comfort zone.
Google Patches Chrome’s Fifth Zero-Day of the Year
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
The bloggings will continue … 2022-08-18 07:01:00
This blog is moving to a new home. Future blog postings will appear as if by magic at: https://secawareblog.blogspot.com/ To continue receiving this stuff, please update your bookmarks and blog aggregators accordingly. Rest assured…
APT Lazarus Targets Engineers with macOS Malware
The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems.
Deploying Akamai MFA at Scale: 6 Lessons Learned
Planning a multi-factor authentication (MFA) rollout? Take a look at the six lessons we learned when we deployed Akamai MFA.
Xiaomi Phone Bug Allowed Payment Forgery
Mobile transactions could’ve been disabled, created and signed by attackers.
Black Hat and DEF CON Roundup
‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.
Control is …
… technical, physical, procedural, legal, social, mechanical, economic, political …… applied to processes, systems, machines, people, quality … … [a] “measure that maintains and/or modifies riskNote 1 to entry: Controls include, b…
CVE-2022-30216 – Authentication coercion of the Windows ?Server? service
In this blog, see how an off-by-one error could lead to domain controller access in Microsoft Server Service.