Google Improves Its Password Manager to Boost Security Across All Platforms

2022-07-02 - Google on Thursday announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a "simplified and unified management experience that's the same in Chrome and Android settings," Ali Sarraf, Google Chrome product manager, said in a blog post. The updates are also expected to automatically

Source:, Ravie Lakshmanan

Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps

2022-07-02 - Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "complex multi-step attack flow" and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their knowledge or consent

Source:, Ravie Lakshmanan

New 'SessionManager' Backdoor Targeting Microsoft IIS Servers in the Wild

2022-07-01 - A newly discovered malware has been put to use in the wild at least since March 2021 to backdoor Microsoft Exchange servers belonging to a wide range of entities worldwide, with infections lingering in 20 organizations as of June 2022. Dubbed SessionManager, the malicious tool masquerades as a module for Internet Information Services (IIS), a web server software for Windows systems, after

Source:, Ravie Lakshmanan

Solving the indirect vulnerability enigma - fixing indirect vulnerabilities without breaking your dependency tree

2022-07-01 - Fixing indirect vulnerabilities is one of those complex, tedious and, quite frankly, boring tasks that no one really wants to touch. No one except for Debricked, it seems. Sure, there are lots of ways to do it manually, but can it be done automatically with minimal risk of breaking changes? The Debricked team decided to find out.  A forest full of fragile trees So, where do you even start?

Source:, The Hacker News

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

2022-07-01 - A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence said in a series of tweets on Thursday. "The group has actively updated its techniques and payloads

Source:, Ravie Lakshmanan

Ett stort företag börjar från små.
Grundades 2015
let's talk about your project

Innehållet i detta e-postmeddelande är konfidentiellt och avsett endast för den mottagare som anges i meddelandet.