Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
The information-disclosure issue, affecting Macs, iPhones and iPads, allows a snooping website to find out information about other tabs a user might have open. Source: Threatpost.com
Continue ReadingA security bug in the file-sharing cloud app could have allowed attackers using stolen credentials to skate by one-time SMS code verification requirements. Source: Threatpost.com
Continue ReadingZoho’s comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution. Source: Threatpost.com
Continue ReadingAttackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers. Source: Threatpost.com
Continue ReadingThe country’s FSB said that it raided gang hideouts; seized currency, cars and personnel; and neutralized REvil’s infrastructure. Source: Threatpost.com
Continue ReadingA cloudy campaign delivers commodity remote-access trojans to steal information and execute code. Source: Threatpost.com
Continue ReadingThe large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score. Source: Threatpost.com
Continue ReadingThe malware establishes initial access on targeted machines, then waits for additional code to execute. Source: Threatpost.com
Continue ReadingDangerous security bugs stemming from widespread inconsistencies among 16 popular third-party URL-parsing libraries could affect a wide swath of web applications. Source: Threatpost.com
Continue ReadingESXi version 7 users are still waiting for a full fix for a high-severity heap-overflow security vulnerability, but Cloud Foundation, Fusion and Workstation users can go ahead and patch. Source: Threatpost.com
Continue Reading