Apple is being called to task for neglecting to patch two “actively exploited” zero-day vulnerabilities on older versions of its flagship macOS platform.
Apple Leaves Big Sur, Catalina Exposed to Critical Flaws: Intego
Denonia: First Malware Targeting AWS Lambda
Researchers have come across what appears to be the first piece of malware designed to specifically target AWS Lambda environments.
Symantec: Chinese APT Group Targeting Global MSPs
Malware hunters at Broadcom’s Symantec division have spotted signs that a long-running cyberespionage campaign linked to Chinese nation-state hackers is now going after managed service providers (MSPs) with a more global footprint.
CashApp Says Ex-Employee Stole Customer Stock Trading Data
Financial services and stock trading platform CashApp on Tuesday fessed up to a data breach being blamed on a former employee who stole brokerage data, including portfolio values, from an unknown number of U.S. accounts.
Experts Warn Defenders: Don’t Relax on Log4j
It’s been four months since the Log4j issue exploded onto the internet. All the major software vendors affected by it have by now released patches – but even where companies have patched, it would be wrong to relax.
Apple Ships Emergency Patches for ‘Actively Exploited’ macOS, iOS Flaws
Apple’s security response team on Thursday released emergency patches to cover a pair of “actively exploited” vulnerabilities affecting macOS, iOS and iPadOS devices.
New Modem Wiper Malware May be Connected to Viasat Hack
A pair of security researchers at SentinelLabs have intercepted a piece of destructive wiper malware hitting routers and modems and found digital breadcrumbs suggesting a link to the devastating Viasat hack that took down wind turbines in Germany.
Skiff Banks $10.5M for E2E Encrypted Workplace Collaboration
Sequoia Capital has doubled down on its early-stage investment in Skiff, a startup building a security-themed, end-to-end encrypted workspace collaboration platform.
Investors Bet on Cyberpion in Attack Surface Management Space
Attack surface management specialists Cyberpion has secured $27 million in early-stage funding to build technology that helps organizations manage exposure to risk.
Chrome Browser Gets Major Security Update
Google this week released a security-themed Chrome browser makeover with patches 28 documented vulnerabilities, some serious enough to lead to code execution attacks.
The new browser refresh is now rolling out to Windows, Mac and Linux users as Chrome 100.0.4896.60.
