Ryan Naraine – TFun dot org

Attack Surface Management Play Censys Scores $35M Investment

27/01/2022Ryan Naraine

The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion. read more Source: Security Week

Apple Patches 'Actively Exploited' iOS Security Flaw

27/01/2022Ryan Naraine

Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may have been actively exploited.” In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension. read more Source: Security Week

UK's NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap

25/01/2022Ryan Naraine

The U.K. government’s cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority software security vulnerabilities. read more Source: Security Week

Prolific Chinese APT Caught Using 'MoonBounce' UEFI Firmware Implant

20/01/2022Ryan Naraine

Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. read more Source: Security Week

Project Zero: Zoom Platform Missed ASLR Exploit Mitigation

19/01/2022Ryan Naraine

A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation, a blunder that greatly increased exposure to malicious hacker attacks. read more Source: Security Week

1Password Raises Mammoth $620 Million Funding Round

19/01/2022Ryan Naraine

Investors continue to pour cash into Canadian password management software vendor 1Password, pushing the company’s valuation to $6.8 billion. read more Source: Security Week

Apple Patches iOS HomeKit Flaw After Researcher Warning

12/01/2022Ryan Naraine

Apple has released an iOS security update with a fix for a persistent denial-of-service flaw in the HomeKit software framework but only after an independent researcher publicly criticized the company for ignoring his discovery. read more Source: Security Week

Patch Tuesday: Microsoft Calls Attention to 'Wormable' Windows Flaw

11/01/2022Ryan Naraine

Microsoft’s first batch of patches for 2022 is a big one: 97 documented security flaws in the Windows ecosystem, some serious enough to cause remote code execution attacks. read more Source: Security Week

Author: Ryan Naraine

Attack Surface Management Play Censys Scores $35M Investment

Apple Patches 'Actively Exploited' iOS Security Flaw

UK's NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap

Prolific Chinese APT Caught Using 'MoonBounce' UEFI Firmware Implant

Project Zero: Zoom Platform Missed ASLR Exploit Mitigation

U.S. Olympians Told to Use 'Burner Phones' in China

1Password Raises Mammoth $620 Million Funding Round

Five Key Signals From Russia's REvil Ransomware Bust

Apple Patches iOS HomeKit Flaw After Researcher Warning

Patch Tuesday: Microsoft Calls Attention to 'Wormable' Windows Flaw