Security at the Edge

Apple Enrages IT — 45-Day Cert Expiration Fury

Richi Jennings | October 16, 2024 | 90-day certificates, 90-day TLS certificate validity, Apple, Apple Safari, browser, Browser Security, CA/B Forum, CA/Browser Forum, CAB Forum, certificate, Certificate and Key Lifecycle Management, Certificate and Key Management, Certificate Automation, mobile safari, Safari, SB Blogwatch, Sectigo

CA/B testing: Ludicrous proposal draws ire from “furious” systems administrators ...

Security Boulevard

Biggest Ever DDoS is Threat to OT Critical Infrastructure

Egyptian River Floods: Operational technology (OT) targeted in “world record” 3.8 Tb/s distributed denial of service (DDoS) ...

Security Boulevard

E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it

Richi Jennings | September 18, 2024 | android, Apple, Apple iOS, Apple iPhone, china, E2EE, end-to-end, end-to-end encryption, google, Great Firewall of China, GSMA, iChat, imessage, ios, iOS 18, iPhone, iphone security, MLS, RCS, RCS protocol, SB Blogwatch, SMS, SMS messages

No More Barf-Green Bubbles? GSM Association is “excited” to bring Apple and Google closer together, but encryption is still lacking ...

Security Boulevard

Microsoft Fixes Four 0-Days — One Exploited for SIX YEARS

Richi Jennings | September 11, 2024 | CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491, KB5043083, KB5043936, Mark of the Web, Microsoft, Microsoft Patch Tuesday September 2024, Microsoft Windows, Microsoft Windows Zero Day, Patch Tuesday, SB Blogwatch, Windows, Windows Update

Week B: Bugs begone! This month Redmond fixes 79 security flaws in Windows and other products ...

Security Boulevard

Russian ‘WhisperGate’ Hacks: 5 More Indicted

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion ...

Security Boulevard

Yikes, YubiKey Vulnerable — ‘EUCLEAK’ FIDO FAIL?

Richi Jennings | September 4, 2024 | CVE-2024-45678, ECDSA, EUCLEAK, FIDO, FIDO2, Infineon, Passkeys, SB Blogwatch, YSA-2024-03, Yubikey

USB MFA SCA😱: Infineon hardware and software blamed for timing side-channel attack on popular auth tokens ...

Security Boulevard

‘Terrorgram’ Telegram Terrorists Trash Transformers — Grid in Peril

Should’ve listened to Edison: After the arrest of Pavel Durov—the Telegram CEO—comes news of domestic extremists using the chat app to organize ...

Security Boulevard

Pig Butchering at Heart of Bank Failure — CEO Gets 24 Years in Jail

Richi Jennings | August 23, 2024 | #PigButchering, Crypto, crypto cons, crypto crime, crypto currency, cryptocurrency, Heartland Tri-State Bank, online romance scam, pig butchering, Pig Butchering Scams, romance, romance fraud, romance scam, romance scammers, romance scams, SB Blogwatch, Shan Hanes

Oink, oink, FAIL—you’re in jail: Kansas bank chief exec Shan Hanes stole money from investors, a church and others to buy cryptocurrency to feed a scam ...

Security Boulevard

Patch Tuesday not Done ’til LINUX Won’t Run?

Richi Jennings | August 21, 2024 | CVE-2022-2601, Dual boot, GRUB2 Bootloader Secure Boot Bypass, Linux, Microsoft, Microsoft Patch Tuesday August 2024, Microsoft Windows, Patch Tuesday, SB Blogwatch, SBAT, secure boot, Secure Boot Advanced Targeting, Windows

Redmond reboot redux: “Something has gone seriously wrong.” You can say that again, Microsoft ...

Security Boulevard

Don’t Mess With Texas Privacy: AG Sues GM for $18 BILLION

Richi Jennings | August 15, 2024 | Consumer IoT, SB Blogwatch, Texas Data Privacy and Security Act, vehicle cybersecurity

KP♡TX PII: “General Motors has engaged in egregious business practices that violated Texans’ privacy … in unthinkable ways,” rants state attorney general Ken Paxton (pictured) ...

Security Boulevard