Apple Updates Privacy Policies After Siri Audio Recording Backlash
Apple’s “grading” process, which listens to Siri voice recordings, will now be in-house and has an option for users to opt out. Go to Source
Google Squashes High-Severity Blink Browser Engine Flaw
The bug could enable remote code-execution, information-siphoning or denial-of-service attacks. Go to Source
Defense Takeaways from Three Adversary Playbooks
An analysis of threat techniques used by Silence Group, Goblin Panda and Zegost, which can help construct effective defenses. Go to Source
Employers Beware: Microsoft Word ‘Resume’ Phish Delivers Quasar RAT
A round of phishing emails purports to be from job seekers – but actually uses a slew of detection evasion tactics to download malware on victim systems. Go to Source
Malicious App on Google Play Tallies 100 Million Downloads
Seemingly handy PDF and OCR app turns out to be a privacy horror show. Go to Source
Imperva Firewall Breach Exposes Customer API Keys, SSL Certificates
The issue impacts users of the vendor’s Cloud WAF product. Go to Source
Oil and Gas Firms Targeted By New LYCEUM Threat Group
A new threat group has been discovered targeting Middle Eastern critical infrastructure firms with spearphishing emails laced with malware. Go to Source
Apple Fixes iOS Flaw That Opened iPhones to Jailbreaks
Apple has released an emergency patch in iOS 12.4.1 that addresses a vulnerability that opened iPhones to jailbreaks. Go to Source
IRS Impersonation Attacks Spread Malware Nationwide
The emails are well-crafted and extremely convincing. Go to Source
ThreatList: Half of All Social Media Logins Are Fraud
Fraudsters are using social media to spam, steal information, spread propaganda and execute social-engineering campaigns. Go to Source