Microsoft Improves Azure Active Directory Security with New Roles
Microsoft announced that 16 new Azure Active Directory (Azure AD) lower-privileged roles are available today in preview to help admins improve security by decreasing the number of Global administrators, and to enhance Azure and Microsoft 365 granular delegation capabilities. […]
Apple Software Update Zero-Day Used by BitPaymer Ransomware
Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows. […]
HP Touchpoint Analytics LPE Vulnerability Affects Most HP PCs
HP patched a vulnerability discovered in the HP Touchpoint Analytics software installed by default on most of its Windows laptops and desktops, a flaw allowing attackers to escalate privileges and execute arbitrary code using SYSTEM privileges. […]
Phishing Incident Exposes Medical, Personal Info of 60K Patients
Community-based healthcare system Methodist Hospitals from Gary, Indiana, disclosed that sensitive personal and medical information of 68,039 individuals may have been exposed following a successful phishing attack against two of its employees. […]
EU Member States Publish Joint Report on 5G Networks Security
European Union (EU) member states published a joint high-level report on the coordinated risk assessment on the security of 5G networks, identifying the main threats and threats actors, the most sensitive assets, and the main vulnerabilities behind them. […]
Games and Utility Apps in Play Store Hide Bankers and Spyware
Despite Google’s efforts to keep its Android store risk free, malicious apps continue to make it past the verification process. In September, the assortment of trojans detected in Google Play included downloaders, bankers, adware, and spyware. […]