Apple Patches ‘Actively Exploited’ iOS Security Flaw
Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may have been actively exploited.”
In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension.
UK’s NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap
The U.K. government’s cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority software security vulnerabilities.
PrinterLogic Patches Code Execution Flaws in Printer Management Suite
PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry “high severity” ratings.
Microsoft Restricts Excel 4.0 Macros by Default
Microsoft has announced improved security for the users of its flagship Office productivity suite, courtesy of Excel 4.0 (XLM) macros now being restricted by default.
Cloud Security Provider Anitian Raises $55 Million
Cloud security and compliance automation startup Anitian this week closed a $55 million Series B funding round led by Sageview Capital.
The new investment brings the total raised by Anitian $71 million and provides fresh capital to fuel ambitious expansion plans.
CISA Releases Final IPv6 Security Guidance for Federal Agencies
The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies.
Prolific Chinese APT Caught Using ‘MoonBounce’ UEFI Firmware Implant
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements.
Red Cross Falls Victim to Massive Cyberattack
The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday.
Microsoft Edge Adds Security Mode to Thwart Malware Attacks
A new security feature in the latest beta of the Microsoft Edge browser can help protect web surfers from zero-day attacks.
