Krebs on Security: 'Wormable' Flaw Leads July Microsoft Patches
Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, "wormable" flaw in Windows Server versions that Microsoft says is likely to be exploited soon. While this particular weakness mainly affects enterprises, July's care package from Redmond has a little something for everyone. So if you're a Windows (ab)user, it's time once again to back up and patch up (preferably in that order). READ MORE...
Wattpad data breach exposes account info for millions of users
An allegedly stolen Wattpad database containing 270 million records were being sold in private sales for over $100,000. Now it is being offered for free on hacker forums. Watthpad is a web site that allows members to publish user-generated stories on a variety of different topics. The site is immensely popular and is ranked as the the 150th most visited site worldwide. Since July 7th, BleepingComputer has been tracking the rumored private sale of a Wattpad database containing over 200 million records. READ MORE...
Adobe fixes critical bugs in Creative Cloud, Media Encoder
Adobe has released security updates to address four critical vulnerabilities that could allow attackers to execute arbitrary code and write arbitrary files on Windows devices running vulnerable versions of Creative Cloud, Adobe Download Manager, and Adobe Media Encoder. These important severity vulnerabilities were found in Adobe ColdFusion and Adobe Genuine Service, and they affect both Windows and macOS devices running unpatched software versions. READ MORE...
Malware stashed in China-mandated software is more extensive than thought
Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there's evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China. GoldenHelper hid inside the Golden Tax Invoicing software, which all companies registered in China are mandated to use to pay value-added taxes. READ MORE...
This device keeps Alexa and other voice assistants from snooping on you
As the popularity of Amazon Alexa and other voice assistants grows, so too does the number of ways those assistants both do and can intrude on users' privacy. Now, researchers have developed a device that may one day allow users to take back their privacy by warning when these devices are mistakenly or intentionally snooping on nearby people. LeakyPick is placed in various rooms of a home or office to detect the presence of devices that stream nearby audio to the Internet. READ MORE...
After Assange indictment, DDoSecrets publishes old WikiLeaks chats, strategy sessions
Every anti-secrecy group operates in the long shadow of WikiLeaks. But that doesn't mean WikiLeaks is off limits. Distributed Denial of Secrets, a semi-anonymous group of transparency activists, on Tuesday released the AssangeLeaks. It's a collection of files that DDoSecrets says is meant to "illustrate how WikiLeaks operates behind closed doors" at a time when WikiLeaks founder Julian Assange is facing criminal charges in the U.S. READ MORE...
Cisco Investigating Report of Vulnerability Found in Counterfeit Switches
Cisco has launched an investigation after researchers at F-Secure analyzed two counterfeit Cisco switches that appeared to exploit a previously unknown vulnerability. The fake Cisco Catalyst 2960-X series switches were used by an IT company. F-Secure was called in to conduct an analysis after the counterfeit devices were discovered in the fall of 2019. The switches stopped working after a software upgrade, which led the IT company to realize that it had been unknowingly using fake Cisco equipment. READ MORE...
Vulnerabilities Impact Multiple Rittal Products Due to Use of Same Firmware
Researchers have discovered several potentially serious vulnerabilities affecting monitoring, cooling and power distribution products made by Germany-based Rittal. According to Austria-based cybersecurity company SEC Consult, Rittal's CMC III industrial and IT monitoring system, LCP CW cooling system, and the entire portfolio of power distribution units (PDU) are impacted by six types of vulnerabilities. The affected products all use the same base firmware. READ MORE...
- ...in 1799, the Rosetta Stone is found in Egypt by French Army officer Pierre-Francois Bouchard.
- ...in 1961, actor Forest Whitaker ("Bird", "The Last King of Scotland") is born in Longview, TX.
- ...in 1967, film effects designer and "MythBusters" co-host Adam Savage is born in New York City.
- ...in 2003, the Mozilla Foundation is established following the disbanding of its precursor company, Netscape.
