The last Patch Tuesday of the year brings another fresh batch of fixes for Microsoft products and while the number may be lower the patches are no less important. In the last Patch Tuesday of the year Microsoft has rolled out fixes to no fewer than 58 vulnerabilities across more than ten products including Windows and…

LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack ESET researchers discovered that chat software called Able Desktop, part of a business management suite popular in Mongolia and used by 430 government agencies in Mongolia (according to Able), was used to deliver the HyperBro backdoor (commonly used by LuckyMouse), the Korplug RAT (also known as PlugX), and a RAT called Tmanger (which was first documented by NTT Security and was used during Operation Lagtime IT campaigns attributed to TA428 by Proofpoint). A connection with…

The information at risk of theft due to API flaws included people’s pictures, locations, dating preferences and Facebook data Security vulnerabilities in Bumble, one of today’s most popular dating apps, could have exposed the personal information of its entire, almost 100 million-strong user-base. The bugs – which affected Bumble’s application programming interface (API) and stemmed…