Jeremy McClure

The login scheme promises it won’t share data — and will be required for all developers using third-party sign-ins.

Is ‘Sign in with Apple’ Marketing Spin or Privacy Magic? Experts Weigh In

0patch has released an interim micropatch for the dangerous LPE bug from SandboxEscaper, while we wait for Microsoft’s official patch.

Zero-Day No More: Windows Bug Gets a Fix

The Russian-speaking APT acts as a support group for high-profile APTs like Sofacy and BlackEnergy.

Zebrocy: A Russian APT Specializing in Victim Profiling, Access

During Infosecurity Europe in London this week, cybersecurity experts sounded off on worries about artificial intelligence being used for nation state cyber weapons.

AI Isn’t Good Enough When Lives Are on the L […]

Threat detection tools don’t take into account the emotional aspect of insider threats, a panel of experts said at Infosecurity Europe this week.

A New Approach for Combating Insider Threats

At Infosecurity Europe, a security expert from Guardicore discusses a new cryptomining malware campaign called Nanshou and why the cryptojacking threat is set to get worse.

Infosecurity Europe: Cryptojacking is […]

Researchers use malicious NFC tags and booby-trapped physical surfaces to connect Android devices to malicious wireless networks.

Tap ‘n Ghost Attack Creatively Targets Android Devices

The iPhone-maker announced the ‘Sign in with Apple’ API, and restrictions on location-tracking.

WWDC 2019: Apple Takes Aim at Facebook on Privacy

An attacker could gain remote access by chaining together an exploit for home routers with the TV flaw.

Smart-TV Bug Allows Rogue Broadcasts

After a year of success, its operators say they earned millions — and are ready to retire.

GandCrab Ransomware Shutters Its Operations

Low-key but effective, steganography is an old-school trick of hiding code within a normal-looking image, where many cybersecurity pros may not think to look.

Malware Payloads Hide in Images: Steganography Gets a Reboot

Attackers can remotely compromise multiple network devices (IP PBX, conferencing gear and IP phones), installing malware and eavesdropping via video and audio functions.

Bugs in Grandstream Gear Lay Open SMBs […]

The attack appears to be associated with a China-backed APT actor.

Some ASUS Updates Drop Backdoors on PCs in ‘Operation ShadowHammer’

The contractor with whom it shared the data has a vulnerable, unpatched network.

FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors

Four have been arrested in the case.

Spycams Secretly Live-Streamed 1,600 Motel Guests

Browsers Firefox and Edge take a beating on day two of the Pwn2Own competition.

Firefox and Edge Fall to Hackers on Day Two of Pwn2Own

Google has snagged three security and privacy certifications for Google Play as it tries to appeal to enterprises despite numerous malicious apps and security issues.

Google Play Touts Certs in Quest For […]

Users of the open-source project should upgrade immediately.

Critical DoS Bug Bubbles Up in Facebook Fizz TLS 1.3 Project

Hacked drones are breaching physical and cyberdefenses to cause disruption and steal data, experts warn.

Drones are Quickly Becoming a Cybersecurity Nightmare