Sources: F5 blames its breach on state-backed hackers from China who used the Brickstorm malware to infiltrate its network for 12+ months and steal source code
A potentially “catastrophic” breach of a major US-based cybersecurity provider has been blamed on state-backed hackers from China …
Apple says the iPhone 17 and iPhone Air have Memory Integrity Enforcement, “industry-first, always-on memory safety protection”, like Microsoft and Google offer
Memory Integrity Enforcement is always-on safety protection designed to make life harder for spyware developers.
Fortinet discloses a critical FortiManager API flaw being exploited in 0-day attacks to steal sensitive files, after warning customers privately over a week ago
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited …
CrowdStrike SVP Adam Meyers apologizes before Congress over the company's faulty update that caused a global IT outage, to largely sympathetic House lawmakers
House lawmakers struck a sympathetic tone toward the company at a hearing where they nevertheless said nothing like that could happen again.
Apple files to drop its NSO suit, citing Israeli government's alleged seizure of NSO files, and saying Apple's court disclosures may aid NSO and other hackers
Joseph Menn / Washington Post :
Sources: China-linked hackers penetrated deep into two big US ISPs and several smaller ones in recent months, using a zero-day flaw in Versa Networks software
Joseph Menn / Washington Post :
Sources: China-linked hackers penetrated deep into two big US ISPs and several smaller ones in recent months, using a zero-day flaw in Versa Networks software
Joseph Menn / Washington Post :
Sources: China-linked hackers penetrated deep into two big US ISPs and several smaller ones in recent months, using a zero-day flaw in Versa Networks software
Joseph Menn / Washington Post :
Sources: China-linked hackers penetrated deep into two big US ISPs and several smaller ones in recent months, using a zero-day flaw in Versa Networks software
Beijing's hacking effort has “dramatically stepped up from where it used to be,” says former top U.S cybersecurity official.
Sources: China-linked hackers penetrated deep into two big US ISPs and several smaller ones in recent months, using a zero-day flaw in Versa Networks software
Beijing's hacking effort has “dramatically stepped up from where it used to be,” says former top U.S cybersecurity official.
Apple releases iOS 17.5 with cross-platform detection of unwanted tracking devices, EU app downloads from websites, News+ features like offline mode, and more
Apple today released iOS 17.5 and iPadOS 17.5, major updates to the iOS 17 and iPadOS 17 operating system updates that came out last September.
Apple releases iOS 17.5 with cross-platform detection of unwanted tracking devices, EU app downloads from websites, News+ features like offline mode, and more
Apple today released iOS 17.5 and iPadOS 17.5, major updates to the iOS 17 and iPadOS 17 operating system updates that came out last September.
In its lawsuit, the US DOJ alleges CarPlay lets Apple exert too much control over the auto industry; some analysts say the DOJ may be misunderstanding CarPlay
Buried in the 88-page antitrust lawsuit filed by the US Department of Justice against Apple is a reference to everyone's favorite phone-projection system, CarPlay.
The US DOJ's Apple lawsuit has many parallels to its Microsoft lawsuit in the 1990s, but Apple's monopoly position is not nearly as clear-cut as Microsoft's was
“Apple inhibits third-party smartwatches from maintaining a reliable connection with the iPhone.” — To be fair, Apple does that to its own smartwatches too. X: Charles Arthur / @...
Microsoft announces a major security leadership reshuffle as part of its Secure Future Initiative, replacing Bret Arsenault with Igor Tsyganskiy as Global CISO
Amazon, Google, and Cloudflare say a DDoS attack hit 398M RPS in August 2023, ~8x larger than the prior record, due to a new flaw; Google mitigated the attack
Assigner: Mitre Published: 2023-10-10Updated: 2023-10-11 The HTTP/2 protocol allows … Bill Toulas / BleepingComputer : New ‘HTTP/2 Rapid Reset’ zero-day attack breaks DDoS records ...
Google says North Korea-backed hackers are again targeting security researchers via a zero-day exploit; this still unfixed flaw is in a popular software package
Google researchers say currently unfixed vulnerability affects a popular software package. — North Korea-backed hackers …
Google says North Korea-backed hackers are targeting security researchers with an exploit using a currently unfixed zero-day flaw in a popular software package
Google researchers say currently unfixed vulnerability affects a popular software package. — North Korea-backed hackers …
Microsoft says Flax Typhoon, a hacking group active since mid-2021 with suspected Beijing ties, is targeting dozens of organizations in Taiwan, and elsewhere
AJ Vicens / CyberScoop :
Microsoft researchers say Flax Typhoon, a hacking group with suspected links to the Chinese government, is actively targeting dozens of organizations in Taiwan
A group dubbed Flax Typhoon has targeted “dozens” of Taiwanese organizations, according to new research from Microsoft.