Adobe issues patch for a Flash Player vulnerability that could lead to an arbitrary code execution on targeted systems.
The unpatched flaw allows an attacker to delete any kind of file on a victim machine, including system data.
Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.
The update also features 23 security fixes.
A fake Adobe update actually updates victims’ Flash – but also installs malicious cryptomining malware.
A newly discovered malware has different capabilities for Windows and Linux systems, including ransomware and cryptomining.
This week’s news includes a Microsoft zero-day flaw and Yahoo’s recent email privacy snafu.
A Windows task scheduler API function does not check permissions – so any potential local bad actor can alter them to gain elevated privileges.
Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.
After researchers found more than 100 Android apps infected by malicious Microsoft Windows executable files, the apps have been removed from Google Play.