#apple

Law enforcement believes that these hackers duping major tech companies are teenagers. But they are causing severe harm. The post Hackers fool major tech companies into handing over data of women and minors to abuse appeared first on Malwarebytes Labs.

NAS device vendors are dealing with several severe vulnerabilities in Netatalk, the open-source implemenation of AFP. The post QNAP customers urged to disable AFP to protect against severe vulnerabilities appeared first on Malwarebytes Labs.

Network-attached storage (NAS) appliance maker QNAP on Wednesday said it's working on updating its QTS and QuTS operating systems after Netatalk last month released patches to contain seven security flaws in its software. Netatalk is an open-source implementation of the Apple Filing Protocol (AFP), allowing Unix-like operating systems to serve as file servers for Apple macOS computers. <!-

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don't tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests -- in part by assigning trustworthiness or "credit ratings" to law enforcement authorities worldwide.

A new report suggests that a small but vibrant group of smartphones hackers may be challenging the world's most digitally restrictive regime.

By Owais Sultan Securing applications on-premises and on the cloud are two entirely different processes. The cloud provides plenty of benefits… This is a post from HackRead.com Read the original post: Explaining Cloud Native Application Security

Google on Tuesday officially began rolling out a new "Data safety" section for Android apps on the Play Store to highlight the type of data being collected and shared with third-parties. "Users want to know for what purpose their data is being collected and whether the developer is sharing user data with third parties," Suzanne Frey, Vice President of product for Android security and privacy,

Ubuntu Security Notice 5388-2 - It was discovered that OpenJDK incorrectly verified ECDSA signatures. An attacker could use this issue to bypass the signature verification process. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice 5388-1 - It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK incorrectly handled converting certain object arguments into their textual representations. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK incorrectly validated the encoded length of certain object identifiers. An attacker could possibly use this issue to cause a denial of service.

Today on Lock and Code, we speak with returning guest Tanya Janca about why so much of our software comes packaged with vulnerabilities. The post Why our software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09 appeared first on Malwarebytes Labs.