This week, University of New Haven researchers released details about a serious vulnerability in a popular PC VR application called BigScreen VR. The flaw not only allows an attacker to potentially eaves drop on you and your friends while you think you are in a private VR space, but it could even allow attackers to install arbitrary code (malware) onto your computer with no … [Read more...]
Password Manager Vulnerabilities – Security Byte
On Tuesday, a Washington Post article disclosed new password manager research from the Independant Security Evaluators (ISE), who found many vulnerabilities in a number of the most popular password managers. In a nutshell, local attackers could exploit these flaws to unveil some of your clear text passwords, and in the worst case, even the clear text master password. That said, … [Read more...]
February 2019 Patch Tuesday – Security Byte
As you surely know by now, the second Tuesday of every month is Microsoft Patch Tuesday, which Adobe also shares. This month, both companies released updates to fix a ton of security flaws in many of their products. Microsoft’s patches alone fix 77 security issues, including some that attackers are already exploiting. Watch today’s video to learn more about these updates, … [Read more...]
Docker Host Root Vulnerability – Security Byte
A serious vulnerability in RunC—the primary container runtime for Docker, Kurbernetes, and more—allows a malicious container to run arbitrary code as root on the host. This is a pretty critical vulnerability, especially for anyone that offers public access to containers. Watch today’s quick, snowpocalypse video to learn more about this flaw, and go get the patch immediately if … [Read more...]
Mario Malware – Security Byte
Researchers at Bromium have discovered an interesting new malware campaign specifically targeting Italy. Attackers are spamming malicious Excel documents to Italian victims. If you open the malicious Excel document, it leverages Powershell to filelessly begin the infection, but ultimately downloads and executes the Grandcrab family of ransomware. Ironically, the malicious Excel … [Read more...]