Another flaw found in macOS Mojave’s privacy protection

Posted on February 15th, 2019 by Responsible Cyber

by John E Dunn Ever since Apple announced enhanced privacy protection for macOS Mojave 10.14 last September, a dedicated band of researchers has been poking away at it looking for security flaws. Embarrassingly for Apple, it’s not proved a tough challenge with the first turning up on launch day when one researcher reported a surprising […]

Read More

Update now! Microsoft and Adobe’s February 2019 Patch Tuesday is here

Posted on February 14th, 2019 by Responsible Cyber

by John E Dunn Internet Explorer (IE) may have launched way back in 1995 but nearly a quarter of a century later it’s still creating work for Microsoft and Windows users. Take February’s Patch Tuesday, a highlight of which is a bona fide IE 10 and 11 zero-day said by Microsoft to be under active […]

Read More

Russian ISPs plan internet disconnection test for entire country

Posted on February 12th, 2019 by Responsible Cyber

by John E Dunn At a time and date during 2019 yet to be confirmed, Russia’s major ISPs will in unison temporarily disconnect their servers from the internet, effectively cutting the country off from the outside world. From the point of view of Russian internet users, everything will appear normal – as long as they […]

Read More

Firefox 66 will silence autoplaying web audio

Posted on February 6th, 2019 by Responsible Cyber

by John E Dunn Quieter web browsing is finally within reach for users of Mozilla’s Firefox. It’s been on the to-do list for a while, but a new blog by the company has confirmed that from Firefox 66 for desktop and Firefox for Android, due on 19 March, media autoplay of video or audio will […]

Read More

Privilege escalation vulnerability uncovered in Microsoft Exchange

Posted on January 30th, 2019 by Responsible Cyber

by John E Dunn A researcher has discovered an alarming way that an attacker controlling a Microsoft Exchange mailbox account could potentially elevate their privileges to become a Domain Administrator. The consequences of this would be devastating, but according to Dirk-jan Mollema of Dutch company Fox-IT, it can be achieved by combining three separate weaknesses in […]

Read More

Even Microsoft can’t escape ‘reply all’ email storms

Posted on January 30th, 2019 by Responsible Cyber

by John E Dunn Of all the calamities that befall email users, few are more dreaded than the ‘reply all’ storm. Ask the 11,543 Microsoft employees who reportedly found themselves experiencing the full force of a phenomenon known to science as the ‘cascade effect’. It seems to have started innocently enough when someone made an unspecified […]

Read More

Credential-stuffing attack prompts Dailymotion password reset

Posted on January 30th, 2019 by Responsible Cyber

by John E Dunn Video-sharing website Dailymotion is resetting the account passwords of an unknown number of users after being hit by a “large-scale” credential-stuffing attack. As is often the case with password reset announcements, the technical detail of what happened and how many users were affected remains sketchy. According to an email circulating on […]

Read More