Afternoon Dessert – 2023-01-23

Afternoondessert

Welcome to another Afternoon Dessert breakout:

Microsoft plans to kill malware delivery via Excel XLL add-ins
Microsoft is working on adding XLL add-in protection for Microsoft 365 customers by including automated blocking of all such files downloaded from the Internet. […]
Read more….

Google Ads invites being abused to push spam, adult sites
Google Ads invites are being abused to deliver messages promoting spam and sex websites to users otherwise not necessarily using Google Ads or related products. […]
Read more….

GTA Online bug exploited to ban, corrupt players’ accounts
Grand Theft Auto (GTA) Online players report losing game progress, in-game money being stolen, and being banned from game servers due to an alleged vulnerability in the game’s PC version. […]
Read more….

T-Mobile admits to 37,000,000 customer records stolen by “bad actor”
Once more, it’s time for Shakespeare’s words: Once more unto the breach…
Read more….

Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
It’s a really cool and super-simple trick. The question is, “Will it help?”
Read more….

CISA warns of critical ManageEngine RCE bug exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) affecting most Zoho ManageEngine products to its catalog of bugs known to be exploited in the wild. […]
Read more….

Apple fixes actively exploited iOS zero-day on older iPhones, iPads
Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads. […]
Read more….

Follow for more…

%d bloggers like this: