Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers
The vulnerability can be exploited to reveal limited traffic data including a device’s IP address.
Web Security
Critical CODESYS Bug Allows Remote Code Execution
CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.
Tupperware Cyberattack Stores Away Customer Payment Cards
The food container company’s main website had a card skimmer that scooped up online customers’ payment card data.
Emerging APT Mounts Mass iPhone Surveillance Campaign
The malware, the work of a new APT called TwoSail Junk, allows deep surveillance and total control over iOS devices.
As Zoom Booms, Incidents of ‘ZoomBombing’ Become a Growing Nuisance
Numerous instances of online conferences being disrupted by pornographic images, hate speech or even threats can be mitigated using some platform tools.
Hackers Hijack Routers to Spread Malware Via Coronavirus Apps
The router DNS hijacking attacks have targeted more than a thousand victims with the Oski info-stealing malware.
Tokyo Olympics Postponed, But 5G Security Lessons Shine
Threatpost Senior Editor Tara Seals is joined by Russ Mohr, engineer and Apple evangelist at MobileIron along with Jerry Ray, COO at SecureAge, for a discussion about the now postponed Tokyo Games and its use of 5G and the myriad of security concerns J…
GE Employees Lit Up with Sensitive Doc Breach
Marriage, divorce and death certificates, beneficiary info, passports and more were all caught up in an email takeover hack.
Apple Safari Blocks Ad-Targeting Cookie Support
The move follows Google’s announcement last May that it would do the same in Chrome by 2022.
WHO Targeted in Espionage Attempt, COVID-19 Cyberattacks Spike
The DarkHotel group could have been looking for information on tests, vaccines or trial cures.