June 14, 2021

Apple released an out-of-band iOS update for older iPhones and iPads and warned that threat actors are actively exploiting two flaws in WebKit. Apple released an out-of-band iOS update ( iOS 12.5.4 patch) for older iPhones and iPad, the IT giant also warned that some vulnerabilities affecting its WebKit may have been actively exploited. WebKit is a browser […]

The post Apple fixed 2 WebKit flaws exploited to target older iPhones appeared first on Security Affairs.

Read More Apple fixed 2 WebKit flaws exploited to target older iPhones

Microsoft disrupted a large-scale business email compromise (BEC) campaign that used forwarding rules to access messages related to financial transactions. Microsoft researchers announced to have disrupted the cloud-based infrastructure used by crooks in a recent large-scale business email compromise (BEC) campaign. The attackers breached the mailboxes of the victims using phishing messages, then exfiltrated sensitive […]

The post Microsoft experts disrupted a large-scale BEC campaign appeared first on Security Affairs.

Read More Microsoft experts disrupted a large-scale BEC campaign

Microsoft spotted a series of attacks that use SEO poisoning to deliver a remote access trojan (RAT) used by threat actors to steal sensitive data. Microsoft is monitoring a wave of cyber attacks that leverages SEO poisoning to deliver a remote access trojan (RAT) to steal sensitive data from the infected systems The IT giant […]

The post SEO poisoning campaign aims at delivering RAT, Microsoft warns appeared first on Security Affairs.

Read More SEO poisoning campaign aims at delivering RAT, Microsoft warns

This is a current list of where and when I am scheduled to speak:

Read More Upcoming Speaking Engagements

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions.

The post Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign appeared first on Microsoft Security Blog.

Read More Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions.

The post Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign appeared first on Microsoft Security Blog.

Read More Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

This is probably worth paying attention to:

A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content. This includes things like “faceprints and voiceprints,” the policy explained. Reached for comment, TikTok could not confirm what product developments necessitated the addition of biometric data to its list of disclosures about the information it automatically collects from users, but said it would ask for consent in the case such data collection practices began…

Read More TikTok Can Now Collect Biometric Data

Honeywell is a massive organization in the American industrial market, and an industrial cybersecurity world leader. The organization has introduced an advanced cybersecurity monitoring and occurrence response service. This service…

The post Honeywell Introduces Operational Technology Cybersecurity Service to Facilitate Monitoring and Response, and Boost Safety appeared first on Hacker Combat.

Read More Honeywell Introduces Operational Technology Cybersecurity Service to Facilitate Monitoring and Response, and Boost Safety

Honeywell is a massive organization in the American industrial market, and an industrial cybersecurity world leader. The organization has introduced an advanced cybersecurity monitoring and occurrence response service. This service…

The post Honeywell Introduces Operational Technology Cybersecurity Service to Facilitate Monitoring and Response, and Boost Safety appeared first on Hacker Combat.

Read More Honeywell Introduces Operational Technology Cybersecurity Service to Facilitate Monitoring and Response, and Boost Safety

Honeywell is a massive organization in the American industrial market, and an industrial cybersecurity world leader. The organization has introduced an advanced cybersecurity monitoring and occurrence response service. This service…

The post Honeywell Introduces Operational Technology Cybersecurity Service to Facilitate Monitoring and Response, and Boost Safety appeared first on Hacker Combat.

Read More Honeywell Introduces Operational Technology Cybersecurity Service to Facilitate Monitoring and Response, and Boost Safety

The member states of the G7 group have called on Russia and other states to dismantle operations of the ransomware gangs operating within their countries. G7 member states have called on Russia and other states to dismantle operations of ransomware gangs operating within their countries. The call to action follows the large number of ransomware […]

The post G7 calls on Russia to dismantle operations of ransomware gangs within its borders appeared first on Security Affairs.

Read More G7 calls on Russia to dismantle operations of ransomware gangs within its borders

Today’s podcast looks at evidence the Avaddon ransomware group is giving up, how a baby clothes retailer’s shortcut created exposed customers’ data and a warning to Samsung device owners

The post Cyber Security Today, June 14, 2021 – Avaddon ransomware group apparently gives up, a retailer’s shortcut backfires and a warning to Samsung device owners first appeared on IT World Canada.

Read More Cyber Security Today, June 14, 2021 – Avaddon ransomware group apparently gives up, a retailer’s shortcut backfires and a warning to Samsung device owners