Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device
Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key ActivityThis week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K.
Also: npm Packages Infiltrated, FBI Issues Fraud Alert, Campbell's Soup Cans CISOThis week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising bank account takeover scams, regulators fined Comcast over a vendor breach, Iberia reported a supplier incident and Campbell's canned its CISO.
Recompiled binaries and phone threats used to boost the pressure Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns - including exploiting a security flaw in remote-access tool SimpleHelp if orgs haven't patched it.…
Also, Baltimore Public Schools Suffer Data Breach, Disney Menu Hacker SentencedThis week, zero-day exploits surged, accused Nefilim hacker extradited, Baltimore schools breach, CISA lists Broadcom Brocade, Commvault flaws, a fake WooCommerce patch, Akira hit Hitachi Vantara, ex-Disney worker sentenced and a Darcula phishing kit upgrade. FBI published 42,000 phishing domains.
CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks. [...]
Infecting networks via years-old CVEs that should have been patched by now Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).…
CISA, FBI, and MS-ISAC warned network admins today to immediately patch their Atlassian Confluence servers against a maximum severity flaw actively exploited in attacks. [...]
The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...]
PLUS: FBI admits buying NSO spyware; "IT" company busted for drugs 'n guns biz; this week's critical vulns Infosec in brief If you're wondering what patches to prioritize, ponder no longer: An international group of cybersecurity agencies has published a list of the 12 most commonly exploited vulnerabilities of 2022 – a list many will recognize. …
Plus: Cisco Umbrella flaw patched, lid blown off TeamTNT, and ICS security folks join JCDC party In brief The BlackCat ransomware gang, said to be the first-known ransomware group to successfully break into networks with Rust-written malware, has attacked at least 60 organizations globally as of March, according to the FBI.…
Plus: Ransomware gangster sentenced, Dell patches more Log4j bugs, and cartoon apes gone bad In Brief Triton malware remains a threat to the global energy sector, according to an FBI warning.…
Patch flaws and enforce authentication policies, CISA and FBI warn State-sponsored threat actors from Russia over the last year breached a non-governmental organization (NGO) by leveraging multifactor authentication (MFA) defaults and exploiting the PrintNightmare vulnerability in Windows Print Spooler.…