[ThreatPost] How to Prevent Account Takeovers in 2021

Google has rolled out yet another update to Chrome browser for Windows, Mac, and Linux to fix four security vulnerabilities, including one zero-day flaw that’s being exploited in the wild. Tracked as CVE-2021-30554, the high severity flaw concerns a use after free vulnerability in WebGL (aka Web Graphics Library), a JavaScript API for rendering interactive 2D and 3D […]

Apple’s announcement that it would scan encrypted messages for evidence of child sexual abuse has revived debate on online encryption and privacy, raising fears the same technology could be used for government surveillance. read more Source: Read More (SecurityWeek RSS Feed)

One of the Cobalt Strike servers reported by Brad Duncan also communicates over DNS. This can be tested with a simple DNS TXT query: The content of this TXT record contains the start of a Cobalt Strike beacon, encoded with Netbios Name encoding. I recently published an update to my base64dump.py tool to handle this […]