Windows 10 on a phone and laptop.

Microsoft Accidentally Signs Malware-Infected Driver

Microsoft has accidentally signed a driver called Netfilter, which contains malware and is distributed within gaming environments. Cybersecurity researchers have been tracing the malware and its activities and found that it communicates with Chinese command and control (C2) IP addresses. That type of malware is called a rootkit, which means that it is programmed to…

Mercedes-Benz Breach Exposes SSNs, Credit Card Numbers, And Birth Dates

A Mercedes-Benz data breach exposed sensitive information owned by their customers. 1.6 million customer records were audited and the breach was found to affect fewer than 1,000 customers. The information in the breach included drivers license numbers, social security numbers, self-reported customer credit scores, credit card numbers, and dates of birth. The German automaker disclosed…

Smartphone with a lock and key on it

Phone Numbers Need To Be Phased Out

Telephones were invented more than a century ago, before the Internet existed. They provided a quick and easy way to communicate with friends, family, and acquaintances in a somewhat affordable manner. As high-speed, unmetered Internet connections become more ubiquitous, they have resulted in the mainstream adoption of calling and instant messaging services that vastly outperform…

iPhone 4S

iOS 12.5.4 Security Update Released For iPhones 7+ Years Old

Apple is rolling out the iOS 12.5.4 update for older iPhones, iPads, and iPods including but not limited to the iPhone 5s, iPhone 6, 6th generation iPod Touch among others. It is a security update that addresses memory corruption and arbitrary code execution (ACE) vulnerabilities. It addresses the following vulnerabilities: CVE-2021-30737 The update addresses WebKit…

eufy security camera

eufy Camera Feeds Leaked To Strangers

Users of eufy smart home cameras (eufyCams) have been seeing the camera feeds of strangers, even in other countries. The controls of affected cameras are also accessible. eufyCams allow users to access their camera feeds anywhere in the world over the Internet. This feature (in any brand of camera) obviously poses a privacy and security…

Cyberattack Shuts Down Pipelines And Causes Gas Shortage

Gas stations across the United States experienced gasoline shortages due to the shutdown of Colonial Pipeline. The shortages resulted in some gas stations running out of gasoline, while others were packed with long lines of customers waiting to buy gasoline. Unsurprisingly, the shortage prompted gasoline hoarding. It was a ransomware attack. Ransomware typically encrypts the…

Network switch in a data center

Cisco Issues Update For ACE, Other Vulnerabilities In SD-WAN vManage

Cisco has issued software updates to address multiple vulnerabilities in their SD-WAN vManage software that could allow remote arbitrary code execution (ACE), unauthorized access to sensitive information, DoS attacks, or gain escalated privileges. Cisco says that the following products are not affected: IOS XE SD-WAN Software SD-WAN cEdge Routers SD-WAN vBond Orchestrator Software SD-WAN vEdge…

Apple Releases Update For ACE Vulnerability In WebKit

Apple has released iOS 14.5.1, which provides a memory corruption bug fix and patches an arbitrary code execution (ACE) vulnerability in WebKit — a web browser engine. Arbitrary code execution refers to an attacker executing code that they should not be able to execute. A malicious website could theoretically execute harmful code on your iPhone,…