Mozilla this week released Firefox 66 with support for Windows Hello for Web Authentication on Windows 10, as well as with patches for 21 vulnerabilities.  The newly added support for Windows Hello should provide users with a passwordless experience on the web, but also with increased security, Mozilla says.  The browser...
Vulnerabilities recently addressed by CUJO AI in the CUJO Smart Firewall could be exploited to take over the device, Cisco Talos security researchers reveal.  Based on a Linux-based operating system running a kernel with PaX patches, the Smart Firewall was designed to protect home networks against attacks such as malware, phishing websites,...
A security firm's Vulnerability Research Team (VRT) found and reported a vulnerability in SoftNAS Cloud data storage. SoftNAS fixed the vulnerability last week, and details of the vulnerability are now being made public. The Digital Defense VRT found the vulnerability in SoftNAS Cloud Enterprise 4.2.0. Earlier versions are not affected,...
A vulnerability in Ghidra, the generic disassembler and decompiler released by the National Security Agency (NSA) in early March, could be exploited to execute code remotely, researchers say.  The flaw, an XML external entity (XXE) issue, was discovered in the Ghidra project loading process immediately after the tool was released.  Impacting...
A 50-year-old Lithuanian citizen has pleaded guilty over his role in a business email compromise (BEC) scheme in which Google and Facebook employees were tricked into wiring a total of more than $100 million to bank accounts he controlled. Evaldas Rimasauskas was arrested by Lithuanian authorities in March 2017 and...
Google recently patched a vulnerability in its Photos service that could have been exploited via browser-based timing attacks to track users, Imperva revealed on Wednesday. Google Photos allows users to store, manage and share their photos. The service includes a search engine, it automatically tags each photo using metadata (e.g....
Governments within the European Union appear to be flouting their own GDPR laws. Many official government websites are harboring and delivering tracking cookies from the ad tech industry even though they don't rely on any advertising income. Eighty-nine percent of 184,683 pages delivered tracking cookies. Twenty-five of the 28...
Norwegian metals and energy giant Norsk Hydro is working on restoring systems after being hit by ransomware, but the company says it does not plan on paying the hackers. Norsk Hydro detected the attack at around midnight between Monday and Tuesday, but it would not say if its investigation so...
Presented by Industry 4.0 is delivering great benefits, as well as additional security risks, to industrial firms around the world. Often referred to as the fourth industrial revolution, Industry 4.0 environments are comprised of converged IT and Operational Technology (OT) infrastructure. This digitally transformed landscape plays a foundational role in this...
The EU's powerful anti-trust regulator slapped tech giant Google with a new fine on Wednesday over unfair competition, in Europe's latest salvo against Silicon Valley. In its third major decision against the search engine behemoth, Brussels sanctioned Google's once popular AdSense advertising service, saying it illegally restricted client websites from...