Four high-severity Microsoft Exchange flaws reported by Trend Micro's Zero Day Initiative were noted by Microsoft to have been addressed or not need immediate servicing as required authentication would significantly reduce their odds of being exploited, SecurityWeek reports.
Jamf says North Korean subgroup of the financially motivated Lazarus Group targets specific users the threat actors believe have access to cryptocurrency.
The Register reports that U.S. insurance and advisory services provider Hilb Group had 81,539 individuals' personal data compromised following a breach of employee email accounts earlier this year.
Threat actors could leverage Apple's "Find My" location network used for locating lost Apple devices to facilitate the exfiltration of keylogger-stored information, BleepingComputer reports.
Android virtual private network apps in Google Play that have been subjected to a Mobile Application Security Assessment will have their Data safety section include the new "Independent security review" badge as part of Google's efforts to enhance transparency on app safety and privacy, according to The Hacker News.
Cyberattack hits Ace Hardware BleepingComputer reports that most IT systems of Ace Hardware have been disrupted by a cyberattack over the weekend, affecting many key operating systems of the U.S. multinational hardware store retailers' cooperative, including those for scheduling deliveries and processing additional orders.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.