Subterms
Microsoft has released today its monthly roll-up of security updates known as Patch Tuesday. This month, the Redmond-based company patched 115 vulnerabilities, marking this month’s patches as the biggest in the company’s history. However, despite this month’s pretty bulky release, nobody will be talking about it today. Instead, they’ll be busy talking about how a […] More
Image: Geralt on Pixabay Details about a new “wormable” vulnerability in the Microsoft Server Message Block (SMB) protocol have accidentally leaked online today during the preamble to Microsoft’s regular Patch Tuesday update cycle. No technical details have been published, but short summaries describing the bug have been posted on the websites of two cyber-security firms, […] More
Microsoft announced today a coordinated takedown of Necurs, one of the largest spam and malware botnets known to date, believed to have infected more than nine million computers worldwide. The takedown effort came after Microsoft and industry partners broke the Necurs DGA — the botnet’s domain generation algorithm, the component that generates random domain names. […] More
Today, a team of academics from universities across the world, along with vulnerability researchers from Bitdefender, have disclosed a new security flaw in Intel processors. Named Load Value Injection, or LVI for short, this is a new class of theoretical attacks against Intel CPUs. While the attack has been deemed only a theoretical threat, Intel […] More
Mozilla has released Firefox 74, and it comes with a number of key changes and new features. High on the list of anticipated features is DNS-over-HTTPS, which sends the domain name you typed to a compatible DNS server using an encrypted HTTPS connection rather than plain text, a move that prevents third parties from seeing […] More
In a person-to-person business transaction, when the other person doesn’t know you or know who you are, she may accept credentials that vouch for your identity. Identity management in computer networks is about the following: Whether a set of digital credentials under examination by a service or application can vouch for your identity, and can […] More
A vulnerability impacting Avast and AVG AntiTrack privacy software opened up user PCs to Man-in-The-Middle (MiTM) attacks, browser session hijack, and data theft. Disclosed by David Eade on March 9, the security researcher said the security flaw, tracked as CVE-2020-8987, is a certification validation issue that affects Avast AntiTrack before 1.5.1.172 and AVG AntiTrack before […] More
A ransomware campaign has returned with a new trick to fool the unwary into compromising their network with file-encrypting malware. And it’s an attack which many Windows machines won’t even recognise as potentially malicious. The new variant of Paradise ransomware – which has been active in one form or another since 2017 – spreads via […] More
