+84949482065
Security vulnerabilities in Microsoft Teams could allow an attacker to spoof link previews, leak IP addresses, and even access internal services. Here https://portswigger.net/daily-swig/multiple-vulnerabilities-in-microsoft-teams-could-spoof-urls-leak-ip-addresses
The primary cause of Log4Shell, formally known as CVE-2021-44228, is what NIST calls improper input validation. More information https://isc.sans.edu/diary/Example+of+how+attackers+are+trying+to+push+crypto+miners+via+Log4Shell/28172
Backups are the primary way to preserve data. On smartphones, backups are handled automatically by the OS. Windows lacks a convincing backup app; numerous third-party tools are available, some of…
Elcomsoft Phone Breaker 10.1 fixes bugs and improves compatibility, adding support for macOS 12 Monterey and the ability to extract Apple Maps data from end-to-end encrypted containers. More https://www.elcomsoft.com/news/801.html
Data storage company Western Digital is urging customers who own MyCloud devices to upgrade to My Cloud OS 5. As of January 15, 2022, “devices that are compatible with My…
An industrial control systems security firm brought in to help an automation engineering company deal with a major attack against a Building Automation System (BAS), which includes light switches, motion…
Apache has once again updated Log4j, this time to version 2.17. The newest version of the logging library fixes a high-severity denial-of-service issue. The vulnerability affects all versions of Log4j…
Telehealth app Doxy.me says it fixed a vulnerability in its site that mistakenly leaked confidential patient information to Facebook and Google. Detail https://www.cyberscoop.com/doxy-me-data-leak-facebook-google/
A new White House policy requires some federal agencies to assess the impact of cyberattacks and report them within 24 hours. Ref https://edition.cnn.com/2021/12/10/politics/white-house-red-line-policy-cyberattacks/index.html
Adversaries stole about $140 million worth of virtual currency from users of popular blockchain gaming company VulcanForge, the latest campaign targeting cryptocurrency investors. More https://www.vice.com/en/article/4awxep/hackers-steal-dollar140-million-from-users-of-crypto-gaming-company
