Services

Users plagued by iOS app security issues, according to new research
News roundup: Researchers uncovered a large number of iOS app security risks. Plus, Viacom exposed its critical data through a misconfigured AWS S3 bucket, and more.

Undisclosed SEC breach may have led to illegal stock trades
The U.S. Securities and Exchange Commission admitted a 2016 breach that was previously undisclosed may have enabled threat actors to engage in illegal stock trades.

Undocumented Word feature could lead to system information theft
An undocumented Word feature found by Kaspersky Lab could lead to system information theft and affects users on both PCs and mobile devices.

CCleaner malware spread via supply chain attack
CCleaner malware was spread to users via an infected software update for close to one month, highlighting the dangers of supply chain attacks and the need for code signing.

DHS banned Kaspersky software from all government systems
News roundup: DHS has banned Kaspersky software from use in government systems. Plus, the commonwealth of Virginia decided to do away with touchscreen voting machines, and more.

Apache Struts vulnerability blamed for Equifax data breach
Equifax has confirmed an unpatched critical Apache Struts vulnerability was exploited in the breach that compromised the personal data of 143 million U.S. citizens.