Microsoft 365 anti-phishing feature can be bypassed with CSS
Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of users opening malicious emails. Specifically,…
Category: Bleeping Computer
macOS Sequoia brings better Gatekeeper, stalkerware protections
Apple’s macOS Sequoia, now in beta testing, will make it harder to bypass Gatekeeper warnings and add system alerts for potential stalkerware threats. Gatekeeper is…
How MSPs and MSSPs offer vCISO services with skilled CISOs in short supply
A new eBook by Cynomi, “What does it take to be a full-fledged Virtual CISO?” lays out exactly how service providers can easily, rapidly, and economically expand…
Critical Progress WhatsUp RCE flaw now under active exploitation
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The…
Google Chrome will let you send money to your favourite website
Google has confirmed plans to implement Web Monetization in Chrome, allowing website owners to receive micro-payments as tips or rewards for their content as an…
INTERPOL recovers over $40 million stolen in a BEC attack
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. INTERPOL says this is…
Proton VPN adds ‘Discreet Icons’ to hide app on Android devices
Proton VPN has announced a series of updates to its Windows and Android apps to help users combat censorship, circumvent blocks, and protect themselves from…
Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault
Samsung has launched a new bug bounty program for its mobile devices with rewards of up to $1,000,000 for reports demonstrating critical attack scenarios. The…
France’s Grand Palais discloses cyberattack during Olympic games
The Grand Palais Réunion des musées nationaux (Rmn) in France is warning that it suffered a cyberattack on Saturday night, August 3, 2024. Grand Palais…
Why hackers target stolen credentials for initial access
It’s a common story: weak or reused passwords find their way online, with damaging consequences for organization. Criminals increasingly deploy stolen credentials to gain initial…
Hacker wipes 13,000 devices after breaching classroom management platform
A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 student’s iPads and Chromebooks.…
Google fixes Android kernel zero-day exploited in targeted attacks
Image: MidjourneyAndroid security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. The zero-day, tracked as CVE-2024-36971,…