Apple has released security updates for iOS 13.3 and macOS Catalina 10.15.2, as well as other products to include Safari, watchOS, tvOS, iTunes, iCloud and Xcode.
Researchers at FireEye have spotted an uptick in active exploits of CVE-2017-11774, an Outlook security feature bypass vulnerability. Attackers are also actively reversing Outlook vulnerability patch functionality. To help protect against such exploits, FireEye has provided Outlook hardening guidelines.
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
Baltimore City computer network has been a victim of a ransomware attack that has taken data for hostage and knocked out city services.
A former student at the College of St. Rose, in New York used a weaponized USB stick dubbed "USB Killer" to destroy 59 university computers and seven monitors that had open USB slots.
ASUS released a new security update in response to Advanced Persistent Threat (APT) actors that targeted certain international organizations. A new version of ASUS Live Update was made available.
Security researchers at F-Secure have uncovered a decade-old attack that exploits firmware weaknesses in laptops to expose encryption keys and sensitive data.
Lenovo warned its customers about two critical Broadcom WiFi vulnerabilities that affect 25 ThinkPad models. The firmware vulnerabilities impact Broadcom’s BCM4356 Wireless LAN Driver for Windows 10 and contain buffer overflow flaws.
A security researcher has spotted a new strain of malware dubbed "MaMi" (OSX/MaMi) that targets Mac OS X DNS settings.
In the wake of Apple's most recent and embarassing blunder regarding the macOS High Sierra root login flaw, I felt it was a good time to revisit Apple Mac hardening guidelines that can help users and IT admins better secure Apple's OS, to include macOS and OS X.