News & Updates
Hundreds of HP printer models vulnerable to remote code execution
HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. The first security bulletin warns about about a buffer overflow flaw that could lead to remote code execution on the affected machine. Tracked as CVE-2022-3942, the security issue was reported by Trend Micro’s Zero Day Initiative team.
Behold, a password phishing site that can trick even savvy users
Just when you thought you'd seen every phishing trick out there, BitB comes along. When we teach people how to avoid falling victim to phishing sites, we usually advise closely inspecting the address bar to make sure it does contain HTTPS and that it doesn’t contain suspicious domains such as google.evildomain.com or substitute letters such as g00gle.com. But what if someone found a way to phish passwords using a malicious site that didn’t contain these telltale signs?
How Long It Would Take A Hacker To Brute Force Your Password In 2022, Ranked
According to Hive Systems your passwords should be at least 18 mixed up characters for maximum security. Here's how long it would take a hacker to come up with as many combinations or passphrases before guessing your password. Cyber security company Hive Systems crunched the numbers and computed how long it would take hackers to brute force their way into your password, based on the character length and complexity (case, numbers and symbols). Here's what they found.
Microsoft will let IT admins send Windows 11 desktop or taskbar messages
If you’re an IT admin and you’ve always wanted to send messages to your Windows users, Microsoft is opening up a new option soon. IT admins will soon be able to send organizational messages to Windows 11 PCs, and they can appear on a lock screen, desktop, or above the taskbar.
The Latest Sandworm Botnet Attack Shows Why Firewalls Can’t Do Zero Trust
US Attorney General Merrick Garland announced Wednesday that US officials have disrupted a two-tiered global botnet of thousands of infected firewall devices allegedly controlled by the threat actor called Sandworm, who have been previously connected to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU). The attack operation effectively converted the infected firewalls into malicious hosts to be used for command and control of the botnet.
Microsoft Teams Adds New Video Filters
Microsoft Teams is adding new video filters allowing users to improve their appearance during video meetings. The first two filters, Adjust Brightness and Soft focus, have started to roll out on the Teams desktop app and they can be applied before and during meetings.
New Microsoft Teams apps eliminate an obvious advantage for Zoom
A pair of new add-ons have introduced real-time translation functionality to video meetings on Microsoft Teams, closing the gap on rival vendor Zoom. The integrations give Microsoft customers access to a large network of professional interpreters, who dial into meetings on request. Once a session has begun, users can switch between the original audio feed and the interpreter’s translation via a drop-down menu.
Apple Issues Patches for 2 Actively Exploited Zero-Days in iPhone, iPad and Mac Devices
Apple on Thursday rolled out emergency patches to address two zero-day flaws in its mobile and desktop operating systems that it said may have been exploited in the wild. The shortcomings have been fixed as part of updates to iOS and iPadOS 15.4.1, macOS Monterey 12.3.1, tvOS 15.4.1, and watchOS 8.5.1. Both the vulnerabilities have been reported to Apple anonymously.
Microsoft confirms they were hacked by Lapsus$ extortion group
Microsoft has confirmed that one of their employees was compromised by the Lapsus$ hacking group, allowing the threat actors to access and steal portions of their source code. Last night, the Lapsus$ gang released 37GB of source code stolen from Microsoft's Azure DevOps server. The source code is for various internal Microsoft projects, including for Bing, Cortana, and Bing Maps.
Office and Microsoft Teams are getting even closer
Using Microsoft Teams apps will soon be possible across Office.com and the Office app for Windows as the company looks to widen the reach of its video conferencing service even further. A new entry in the Microsoft 365 roadmap notes that users will soon be able to add apps built for Microsoft Teams to both Office platforms.