From bleepingcomputer.com
Microsoft has announced that they will no longer support the Cortana digital personal assistant app on Android and iOS devices starting in 2020.
In support articles for the UK, Australian, and Canadian markets, Microsoft has stated that they will no longer support the Cortana digital assistant apps on iOS and Android stating on January 31st, 2020. Instead, Microsoft will be integrating Cortana into the Microsoft 365 productivity apps.
From threatpost.com
Now that the checkm8 BootROM vulnerability has a working exploit, security pros are warning of potential attacks.
With the checkra1n iPhone jailbreak now available, security experts are urging mobile-device managers to keep on their toes as the powerful new tool becomes available to hackers and iPhone users who may recklessly use it.
Jailbreaking is the process of hacking these devices to bypass DRM restrictions, allowing users to run unauthorized and custom software, and to make other tweaks to iOS.
The security concerns around checkra1n are multifaceted. One risk factor is users jailbreaking their own iOS devices, making them susceptible to rogue or unstable apps downloaded from outside of Apple’s curated App Store.
From cyware.com
/https://cystory-images.s3.amazonaws.com/shutterstock_232596862.jpg)
The latest YouTube scam
Recently, researchers identified a new scam on YouTube that delivers information-stealing malware.
From securityboulevard.com
MITRE’s ATT&CK framework is ever evolving. The latest October update extends enterprise coverage to the cloud and adds a considerable list of cloud-specific adversarial techniques. The cloud has seen phenomenal growth over the past few years, as it offers businesses flexibility, reliability and cost-savings. Along with this growth comes new security risks and high value targets for nation state actors and cyber criminals.
In 2014, source code hosting provider Code Spaces was forced to shut down after an attacker gained access to its AWS IAM and destroyed its entire cloud infrastructure. More recently, a software engineer was arrested after stealing sensitive data, including details pertaining to 106 million credit card applications, from Capital One though a misconfigured AWS S3 bucket.
From 2-spyware.com
GoogleCrashHandler.exe technically is a regular component of Google Updater by Google that is a package management tool. This product holds the ability to automatically update, download, install, and delete various computer applications. Google Updater has been released in 2006 as an element of Google Pack but has no longer been supported since 2011. Currently, the program is no longer available and finding GoogleCrashHandler.exe on your computer system might be a sign of some type of potentially unwanted program, Trojan horse, or another type of infection secretly residing.
From techcrunch.com
It was the one of the best phishing emails we’ve seen… that wasn’t.
Phishing remains one of the most popular attack choices for scammers. Phishing emails are designed to impersonate companies or executives to trick users into turning over sensitive information, typically usernames and passwords, so that scammers can log into online services and steal money or data. But detecting and preventing phishing isn’t just a user problem — it’s a corporate problem too, especially when companies don’t take basic cybersecurity precautions and best practices to hinder scammers from ever getting into a user’s inbox.