Security

Microsoft's Edge browser has replaced Internet Explorer in almost every regard, but some exceptions remain. One of those, deep inside Microsoft Word, was exploited by a North-Korean-backed group this fall, Google security researchers claim.

It's not the first time the government-backed APT37 has utilized Internet Explorer's lingering presence, as Google's Threat Analysis Group (TAG) notes in a blog post. APT37 has had repeated success targeting South Korean journalists and activists, plus North Korean defectors, through a limited but still successful Internet Explorer pathway.

Apple on Monday patched a high-severity zero-day vulnerability that gives attackers the ability to remotely execute malicious code that runs with the highest privileges inside the operating system kernel of fully up-to-date iPhones and iPads.

Google researchers said on Wednesday they have linked a Barcelona, Spain-based IT company to the sale of advanced software frameworks that exploit vulnerabilities in Chrome, Firefox, and Windows Defender.

As Elon Musk critics flee from Twitter, Mastodon seems to be the most common replacement. In the last month, the number of monthly active users on Mastodon has rocketed more than threefold, from about 1 million to 3.5 million, while total number of users jumped from about 6.5 million to 8.7 million.

Google has detailed a critical security flaw for phones containing a Mali GPU that has yet to be properly addressed.

Google's Project Zero team posted on its official blog details on what this issue is and why it is so important that a fix for it comes out immediately. The critical security issue, CVE-2022-33917, affects devices containing ARM's Mali GPU. The report lists users of devices from Google, Samsung, Xiaomi, and OPPO with a Mali GPU are at risk of this critical unpatched security flaw.

According to the Digital Defense Report published by Microsoft, threat actors are increasingly leveraging publicly-disclosed zero-day vulnerabilities to target organizations worldwide.

The researchers noticed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability and remarked on the importance of the patch management process.

Online storage giant Dropbox announced this week that a phishing campaign targeting its developers was successful, allowing hackers to gain access to the company’s GitHub accounts.

In a statement on Tuesday, Dropbox said the hackers were able to copy 130 code repositories and gain access to credentials as well as information on Dropbox employees, current and past customers, sales leads, and vendors.

Exploit code was released this week for a just-patched vulnerability in VMware Cloud Foundation and NSX Manager appliances that allows hackers with no authentication to execute malicious code with the highest system privileges.

Apple on Monday patched a high-severity zero-day vulnerability that gives attackers the ability to remotely execute malicious code that runs with the highest privileges inside the operating system kernel of fully up-to-date iPhones and iPads.

Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world.