Microsoft Delaying Recall Feature to Improve Security

June 14, 2024 at 06:39AM Microsoft has postponed the launch of the Recall feature preview due to security and privacy concerns. It allows users to find past screenshots on their PC, but experts have pointed out potential risks of sensitive data being obtained by malware. The feature will now be rolled out through the Windows … Read more

Researchers Show How Malware Could Steal Windows Recall Data

June 5, 2024 at 09:30AM Microsoft’s Recall feature, enabled by default on new Copilot+ PCs, captures user activity through regular screenshots stored locally. However, cybersecurity researchers have raised concerns over potential data theft, with demonstrations showing information-stealing malware could access sensitive data. They also highlighted the feature’s security vulnerabilities, prompting Microsoft to address the issues … Read more

Google fixes eighth actively exploited Chrome zero-day this year

May 24, 2024 at 05:36AM Google has released a new emergency security update for Chrome to address the eighth actively exploited zero-day vulnerability. Tracked as CVE-2024-5274, the high-severity ‘type confusion’ flaw in V8, Chrome’s JavaScript engine, can lead to crashes and data corruption. The fix is available for Windows and Mac, with updates for Linux … Read more

Patch Now: Another Google Zero-Day Under Exploit in the Wild

May 16, 2024 at 08:57AM A new zero-day vulnerability has been disclosed for Google Chrome, marking the third such bug revealed within a week. Google has released an emergency fix for the high-severity flaw (CVE-2024-4947) affecting Mac, Windows, and Linux. This type-confusion weakness in the Chrome V8 JavaScript engine can lead to browser crashes and … Read more

Feds to Microsoft: Clean Up Your Cloud Security Act Now

April 3, 2024 at 11:36AM A federal review board placed responsibility on the tech giant for the Microsoft 365 breach, urging them to prioritize their “inadequate” security. The breach enabled China’s Storm-0558 to hack email accounts of government officials. Based on the meeting notes, it is clear that a federal review board has demanded the … Read more

Apple Patches Code Execution Vulnerability in iOS, macOS

March 26, 2024 at 08:48AM Apple has issued security updates for iOS and macOS to fix an arbitrary code execution vulnerability affecting CoreMedia and WebRTC components. This issue, also impacting the dav1d AV1 decoder, can lead to memory corruption and arbitrary code execution. The company credited Google Project Zero researcher Nick Galloway for reporting the … Read more

Microsoft Patches Xbox Vulnerability Following Public Disclosure

March 21, 2024 at 09:45AM Microsoft has released a patch for an Xbox vulnerability (CVE-2024-2891) categorized as ‘important’ severity, allowing local attackers with low privileges to escalate to System. The fix is automatically delivered to users with automatic updates enabled. This follows initial reluctance by Microsoft to acknowledge the issue, which was later publicly disclosed … Read more

Fujitsu found malware on IT systems, confirms data breach

March 18, 2024 at 10:09AM Fujitsu, a leading Japanese tech giant, reported a major cybersecurity incident where malware compromised its systems and customer data. The company, known for its global IT services and government projects, promptly isolated affected computers and intensified monitoring. The breach follows a previous hack in 2021, exposing government offices and potentially … Read more

Fujitsu found malware on several systems, confirms data breach

March 18, 2024 at 10:01AM Fujitsu, world’s 6th largest IT services provider, disclosed a major cybersecurity incident, revealing malware infection and customer data theft. The tech giant operates in 100+ countries, with strong ties to the Japanese government. Though no customer data misuse is reported, Fujitsu is investigating the breach and preparing individual notices for … Read more

Google Paid Out $10 Million via Bug Bounty Programs in 2023

March 12, 2024 at 02:04PM Google announced a $10 million payout in 2023 for its bug bounty programs, totaling $59 million since 2010. 632 researchers from 68 countries earned rewards, with the highest single payout at $113,337. $3.4 million was awarded for Android vulnerabilities, with increased maximum rewards. Google’s bug bounty payouts are comparable to … Read more