Jan 04, 2023Ravie LakshmananVPN / Server Security Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug
Month: January 2023
The FCC is going after an alleged prolific robocall company, with a proposed record-breaking fine in the hundreds of millions of dollars. The regulator said an operation run by Roy Cox, Jr. and Michael Aaron Jones made billions of illegal robocalls via their Sumco Panama company and numerous other entities located in the US, Panama
by Paul Ducklin PyTorch is one of the most popular and widely-used machine learning toolkits out there. (We’re not going to be drawn on where it sits on the artifical intelligence leaderboard – as with many widely-used open source tools in a competitive field, the answer seems to depend on whom you ask, and which
Jan 02, 2023Ravie LakshmananOnline Scam / Cybersecurity Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity dubbed RedZei (aka RedThief). “The RedZei fraudsters have chosen their targets carefully, researched them and realized it was a rich victim group that is ripe for
France’s digital privacy regulator, the Commission nationale de l’informatique et des libertés (CNIL), announced on December 22, 2022 it had fined US tech giant Microsoft €60m ($64m), its largest this year, over advertising cookies. The CNIL found that Microsoft’s search engine, Bing, had not set up a system allowing users to refuse cookies as simply
by Paul Ducklin Hot on the heels of the LastPass data breach saga, which first came to light in August 2022, comes news of a Twitter breach, apparently based on a Twitter bug that first made headlines back in the same month. According to a screenshot posted by news site Bleeping Computer, a cybercriminal has
Dec 29, 2022Ravie LakshmananOnline Security / Malvertising Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of