Month: February 2021

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical Yesterday was the second Tuesday of the month, which means that Microsoft is rolling out patches for security vulnerabilities found in Windows and its other products. This year’s second batch of security updates brings…

What can municipalities do to better protect their water supply systems? We reported recently about an attack against the water supply in Oldsmar, Florida, and worry about the potential for future and copycat attacks against other lightly defended water treatment systems in small towns worldwide and what can be done to stem such incursions. In…

While you’re living out your fantasies, your internet-enabled sex toy may be setting you up for a privacy nightmare We did it. Somehow, we got through 2020 and now Valentine’s Day is just around the corner. And yet 2020’s imprint may still be observed everywhere, and – believe it or not – the COVID-19 pandemic…

High-severity and critical bugs disclosed in 2020 outnumber the sum total of vulnerabilities reported 10 years prior An analysis of data collected by the United States’ National Institute of Standards and Technology (NIST) about common vulnerabilities and exposures (CVEs) has found that 2020 saw more reports of security loopholes than any other year to date.…

The vaccination push provides a vital shot in the arm for the world’s battle against the pandemic, but it’s also a topic ripe for exploitation by fraudsters and purveyors of misinformation The rollouts of COVID-19 vaccines are steadily gaining speed, sparking hope that we may see the end of the pandemic and return to normal…

The US Federal Trade Commission received 1.4 million reports of identity theft last year, double the number from 2019 The number of reported cases of identity theft in the United States doubled in 2020 year-on-year, the Federal Trade Commission (FTC) has said. In a blogpost marking the start of Identity Theft Awareness Week, the FTC said that…

Sharing your thoughts or photos for the world to see is now as easy as pushing a button, but even a seemingly harmless post may come back to haunt you Facebook, the white and blue social media behemoth, has been part of our lives for exactly 17 years. Some of us still remember the days…

Vendors should fix the root cause of a vulnerability, rather than block just one path to triggering it, says Google Google’s Project Zero team revealed that a quarter of zero-day exploits detected in 2020 could have been prevented had the vendors issued proper patches for the underlying security flaws. In its Year in Review bloggpost,…

ESET researchers publish a white paper about unique multiplatform malware they’ve named Kobalos ESET researchers have analyzed malware that has been targeting high performance computing (HPC) clusters, among other high-profile targets. We reverse engineered this small, yet complex, malware that is portable to many operating systems including Linux, BSD, Solaris, and possibly AIX and Windows.…

“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app Android users should watch out for new wormable malware that spreads through WhatsApp and lures the prospective victims into downloading an app from a website masquerading as Google Play. ESET malware researcher Lukas Stefanko looked…