Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.
While also spoofing all the trusted domains - Apple, Microsoft, and Google - in the same attack
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of others to find and patch bugs before adversaries can
Omnissa telemetry suggests business buyers are loving Apple and Google End-user compute vendor Omnissa, the company formed by the spin-out of VMware’s virtual desktops, applications, and device management biz, has dug into the telemetry it collects from customers and painted a picture of the world’s enterprise hardware fleet – and the news is better for Google and Apple than it is for Microsoft.…
For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare's public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chief executive at Cloudflare says Aisuru's overlords are using the botnet to boost their malicious domain rankings, while simultaneously attacking the company's domain name system (DNS) service.
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's most-dire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.
Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt its business operations.…
Hello loophole could let a rogue admin, or a pwned one, inject new facial scans Black Hat Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.…
Artificial intelligence capabilities are coming to a desktop near you — with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks?
Can't reach someone's private server on localhost from outside? No problem A years-old security oversight has been addressed in basically all web browsers – Chromium-based browsers, including Microsoft Edge and Google Chrome, WebKit browsers like Apple's Safari, and Mozilla's Firefox.…
Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too After falling down in the estimations of major browser makers Google and Mozilla, Entrust faces a lengthy fight on its hands to regain industry trust and once more issue trusted TLS certificates.…
AI Integration Boosts Siri's User Writing Tools As Apple Plays Catch Up to RivalsApple partnered with OpenAI to integrate ChatGPT into Siri and introduce artificial intelligence capabilities through free access with privacy protections as well as optional paid features. The move is intended to help Apple keep up with competitors like Google and Microsoft.
Plus: Google Chrome, Apple bugs also exploited in the wild Happy May Patch Tuesday. We've got a lot of vendors joining this month's patchapalooza, which includes a handful of bugs that have been exploited — either in the wild or at Pwn2Own — and now fixed by Microsoft, Apple, Google and VMware.…
Microsoft fixed 36 flaws. Adobe addressed 212. Apple, Google, Cisco, VMware and Atlassian joined the party It's the last Patch Tuesday of 2023, which calls for celebration – just as soon as you update Windows, Adobe, Google, Cisco, FortiGuard, SAP, VMware, Atlassian and Apple products, of course.…
The passwordless technology is becoming popular because Apple, Google, and Microsoft have a solution for accounts recovery, but enterprises are slow-walking their passkey adoption plans.
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.
One year after Apple, Google and Microsoft pledged to support the FIDO Alliance’s passkeys standard, support is growing, though still early in adoption.
As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple
Hackers continue to target zero-day vulnerabilities in malicious campaigns, with researchers reporting that 55 zero-days were actively exploited in 2022, most targeting Microsoft, Google, and Apple products. [...]