KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Back to Articles

Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History

bleepingcomputer.com - 7 days ago - by Sergiu Gatlan

Mac-malware

A macOSprivacy protectionbypass flawcould allow potential attackers to access data stored in restricted folders on all macOSMojave release up to the 10.14.3 Supplemental Update released on February 7.

The privacy flaw was discovered by Mac andiOS developerJeff Johnson on February 8, and he has alreadyreceived an automated bug report response after emailing a bug report to Apple Product Security onSaturday morning.

According to Johnson:

Mojave provides special access to this folder for only a few apps, such as Finder. However, I've discovered a way to bypass these protections in Mojave and allow apps to look inside ~/Library/Safari without acquiring any permission from the system or from the user. There are no permission dialogs, It Just Works. In this way, a malware app could secretly violate a user's privacy by examining their web browsing history.

A specially crafted application designed to take advantage of this macOSissue would allow a would-be attacker to snoop on the...(continued)

View Full Original Article

Windows 7 Users: You Need SHA-2 Support or No Windows Updates After July 2019 - Slashdot

tech.slashdot.org - Windows 7 and Windows Server 2008 users need to have SHA-2 code-signing installed by July 16, 2019, in order to continue to get Windows updates after that date. Microsoft issued that warning on February 15 via a Support article. From a report: Windows operating system updates are dual-signed usin...

about 1 hour ago

ISC Stormcast For Tuesday, February 19th 2019 https://isc.sans.edu/podcastdetail.html?id=6378, (Tue, Feb 19th)

isc.sans.edu - ISC Stormcast For Tuesday, February 19th 2019 https://isc.sans.edu/podcastdetail.html?id=6378, Author: Johannes Ullrich

about 2 hours ago

MN: Data breach hits Dunn Brothers, Chino Latino, several metro businesses

databreaches.net - Related Posts:Chino Latino and Burger Jones hit by data breachBreach compromises more than 1,000 debit cards in…Three brothers jailed in UK for credit...

about 4 hours ago

Copperas Cove: Police warn of another phishing scam

kwtx.com - Copperas Cove police are warning of another phishing scam, this time involving emails purported to be from Apple regarding app purchases.

about 4 hours ago

Stop Saying, 'We Take Your Privacy and Security Seriously' - Slashdot

it.slashdot.org - Security reporter Zack Whittaker writes: In my years covering cybersecurity, there's one variation of the same lie that floats above the rest. "We take your privacy and security seriously." You might have heard the phrase here and there. It's a common trope used by companies in the wake of a data...

about 4 hours ago

Rietspoof malware spreads via Facebook Messenger and Skype spam

zdnet.com - Avast security researchers have discovered a new malware strain named Rietspoof that's currently being spread to victims via instant messaging clients such as Facebook Messenger and Skype. In a report published over the weekend, researchers described this new threat as a "multi-stage malware," t...

about 4 hours ago

Kaspersky Lab detects spike in phishing activities during Valentine’s Day - Backend News

backendnews.net - Just in time for love month, Kaspersky Lab released its findings of a spike in phishing activities taking advantage of the hype of Valentine's Day. The cybersecurity firm said "the total number of user attempts to visit fraudulent websites with a romantic theme that were detected and blocked duri...

about 5 hours ago

Why You Should Be Concerned About Cybersecurity Now More Than Ever Before

techspective.net - Cybersecurity is a buzzword you hear on the evening news and think about when setting up your website. Now more than ever, your brand needs to consider

about 5 hours ago - by Lexie Lu

View All Trending Stories

Tell the World about Us

We are a new security info web site done right. Find the security news that interest you, and discover the ones that are trending at the moment.

Other Stories From Source

Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July

about 6 hours ago - by Sergiu Gatlan

Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads

about 8 hours ago - by Sergiu Gatlan

State Actor Behind Parliament Breach Says Australian Prime Minister

about 11 hours ago - by Sergiu Gatlan

2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years

about 14 hours ago - by Sergiu Gatlan

Mozilla Adding a Picture-in-Picture Mode to Firefox

1 day ago - by Lawrence Abrams

Google to Let you Link Directly to a Word or Phrase in Chrome

2 days ago - by Lawrence Abrams

The Week in Ransomware - February 15th 2019 - Attack on MSPs

3 days ago - by Lawrence Abrams

Apple Requiring 2-Factor Authentication on Developer Account Holders

3 days ago - by Lawrence Abrams