Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS platform, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities to exploit vulnerabilities, evade defenses, or coerce users to infect their devices.
Predictions 2023: Big Tech’s Coming Security Shopping Spree
The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines.
Predictions 2023: Big Tech’s Coming Security Shopping Spree
The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines.
Netwrix Acquires Remediant for PAM Technology
Data security software vendor Netwrix has acquired Remediant, an early-stage startup working on technology in the PAM (privileged access management) category.
Financial terms of the acquisition were not disclosed.
Microsoft Patches Azure Cross-Tenant Data Access Flaw
Microsoft has silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks.
LastPass Says Password Vault Data Stolen in Data Breach
Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.
FoxIt Patches Code Execution Flaws in PDF Tools
Foxit Software has rolled out a critical-severity patch to cover a dangerous remote code execution flaw in its flagship PDF Reader and PDF Editor products.
Google Workspace Gets Client-Side Encryption in Gmail
Google on Friday announced the beta availability of client-side encryption in Gmail for some of its Google Workspace customers.
US Food Companies Warned of BEC Attacks Stealing Food Product Shipments
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are raising alarm on business email compromise (BEC) attacks leading to the theft of shipments of food products and ingredients.
Email Hack Hits 15,000 Business Customers of Australian Telecoms Firm TPG
Australia’s TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.
The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG.