How iOS App Permissions Open Holes for Hackers

Posted on April 6th, 2019 by Responsible Cyber

The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research. In many ways, the era of the smartphone is defined by apps, which do everything from sending messages to tracking our exercise. New research shows how Apple iOS apps come […]

Read More

SoftNAS Cloud 0day found: Upgrade ASAP

Posted on March 24th, 2019 by Responsible Cyber

SoftNAS users should upgrade their virtual appliance immediately following the discovery of a security issue in the product’s session management. Texas pen-testing outfit Digital Defense discovered the vulnerability during an engagement and coordinated disclosure with SoftNAS. Version 4.2.2 contains the relevant security patch. “SoftNAS Cloud Enterprise 4.2.0 is vulnerable to an authenticated bypass that could […]

Read More

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years — Krebs on Security

Posted on March 24th, 2019 by Responsible Cyber

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data. Facebook is probing a […]

Read More

How to make DuckDuckGo your default Chrome search engine

Posted on March 15th, 2019 by Responsible Cyber

by Danny Bradbury Privacy-conscious web users now have a new way to search in Chrome’s address bar. Version 73 of the browser, released Tuesday, now includes the DuckDuckGo search engine as an option. Included without fanfare, the feature enables users to search DuckDuckGo by default from the address bar, but they must set this option […]

Read More

Telegram Gained 3 Million New Users During WhatsApp, Facebook Outage

Posted on March 14th, 2019 by Responsible Cyber

WhatsApp, Facebook, and Instagram faced a widespread outage yesterday with users from around the world reporting issues with sending messages on WhatsApp and Messenger, posting feeds on Facebook and accessing other features on the three Facebook-owned platforms.While the outage was quite troubling both for the social media giant and its millions of users, guess who […]

Read More

Adobe Releases Patches for Critical Flaws in Photoshop CC and Digital Edition

Posted on March 14th, 2019 by Responsible Cyber

Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update.The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions.Upon successful exploitation, both critical vulnerabilities could allow an […]

Read More

Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years

Posted on February 21st, 2019 by Responsible Cyber

Beware Windows users… a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide.Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the software released […]

Read More

Cybersecurity and the Human Element: We’re All Fallible

Posted on February 13th, 2019 by Responsible Cyber

We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers. First of a six-part series. We are only human; we all make mistakes sometimes. Until the day when both the offensive and defensive sides of cyberattacks are conducted entirely by machines, we need to […]

Read More

Security firm beats Adobe by patching reader flaw first

Posted on February 13th, 2019 by Responsible Cyber

by Danny Bradbury Adobe has patched a flaw that enabled attackers to slurp a user’s network authentication details – but not before someone else patched it first. Security researcher Alex Inführ discovered a flaw in Adobe Reader which enabled a malicious PDF file to trigger a callback from the program. A compromised program would communicate […]

Read More

Firefox 66 will silence autoplaying web audio

Posted on February 6th, 2019 by Responsible Cyber

by John E Dunn Quieter web browsing is finally within reach for users of Mozilla’s Firefox. It’s been on the to-do list for a while, but a new blog by the company has confirmed that from Firefox 66 for desktop and Firefox for Android, due on 19 March, media autoplay of video or audio will […]

Read More