<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 9/14/2021

Cadre
Tue, Sep 14, 2021
SHARE

Software Updates

Apple patches against alleged NSO Group zero-click exploit used on activists

Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers. The updated iOS software patches against a zero-click exploit that uses iMessage to launch malicious code, which in turn allows NSO Group clients to infiltrate targets - including the phone of a Saudi activist in March, researchers at Citizen Lab said. READ MORE...

Information Security

Leaked documents reveal the special rules Facebook uses for 5.8M VIPs

Facebook had a problem on its hands. People were making posts that got caught in the company's automated moderation system or were taken down by its human moderators. The problem wasn't that the moderators, human or otherwise, were wrong to take down the posts. No, the problem was that the people behind the posts were famous or noteworthy, and the company didn't want a PR mess on its hands. READ MORE...

Exploits/Vulnerabilities

Global Databases Riddled with an Average of 26 Vulnerabilities

Nearly half (46%) of the world's on-premises databases contain known vulnerabilities - most of which are high or critical severity, according to a new five-year study from Imperva. The security vendor scanned 27,000 databases globally over five years and discovered that they contained 26 vulnerabilities each on average. Some 56% of these were ranked in the top two severity categories, meaning they could lead to serious compromise if exploited. READ MORE...

How a glitch in the Matrix led to apps potentially exposing encrypted chats

The Matrix[.]org Foundation, which oversees the Matrix decentralized communication protocol, said on Monday multiple Matrix clients and libraries contain a vulnerability that can potentially be abused to expose encrypted messages. The organization said a blunder in an implementation of the Matrix key sharing scheme - designed to allow a user's newly logged-in device to obtain the keys to decrypt old messages - led to the creation of client code that fails to adequately verify device identity. READ MORE...

On This Date

  • ...in 1956, the IBM RAMAC 305 was introduced.
  • ...in 1959, the Soviet probe Luna 2 crashes onto the Moon, becoming the first man-made object to reach it.
  • ...in 1994, Major League Baseball cancels the 1994 season and the World Series.
  • ...in 2000, Microsoft introduced the last update to the OS, MS-DOS. (Version 8.0)

Cadre

Related posts

IT Security Newsletter - 1/2/2020

Microsoft seizes 50 websites used by North Korean hackers to gather intelligence Microsoft has...
Read more

IT Security Newsletter - 4/2/2020

Attackers can use Zoom to steal users' Windows credentials with no warning Users of Zoom for...
Read more

IT Security Newsletter - 6/4/2020

Office 365 users: Beware of fake company emails delivering a new VPN configuration Phishers are...
Read more