Two novel 0-day flaws are being targeted by Chinese hackers, Microsoft is working on a patch
TikTok doesn't have as many trackers out there as Google and Facebook, but its ad platform is young
You can't make this stuff up
The big picture: Backdoor.Stegmap is a potent backdoor hidden within a simple Windows logo image file through steganography-based encryption. Chinese cyber-criminals are working hard with new and old techniques to permanently compromise high-level government and diplomatic targets.
Malicious software can infect Windows, Linux, FreeBSD and several chip architectures
The publication has shut down its website
Meta insists that there is no merit behind the claims
In brief: The Python programming language is being impacted by security issue programmers have know about for a while. Trellix researchers recently rediscovered a bug, highlighting the risk for hundreds of thousands of software projects and creating patches for tens of thousands of them.
This is why we can't have nice things
The leakers are gonna have a five-star wanted level of their own
When it rains, it pours: Still reeling from a GTA 6 leak over the weekend, Take-Two got nailed with another data breach. This time it was subsidiary 2K Games taking the hit when a hacker accessed an internal support account and began sending out official 2K emails with links to a phishing website. It is still unclear if Take-Two has contained the intrusion and how many customers were affected, but the entire 2K support division is shut down until further notice.
Enhanced spell check and MS Editor lead to concerns far beyond bad spelling
Watch out for "Link in the Description"
WTF?! Gamers looking to download cheats and cracks should beware of links in YouTube video descriptions. Hackers may have compromised the channels hosting the videos, turning them into vectors for spreading malware that can steal login credentials.
The same client was hit by another huge traffic flow in July
It's unclear whether he accessed customer data
What just happened? Uber is investigating a cybersecurity incident that has compromised many of its internal systems, giving the hacker, who says he is just 18 years old, almost complete access to the company's network. The breach is thought to be as bad as or worse than the 2016 incident that exposed the details of 57 million customers.
In context: Nothing can ruin a multiplayer game faster than rampant cheating, so it's no surprise that developers go to great lengths to devise ways to mitigate it. One controversial method is to install kernel-mode drivers that monitor for anything that tries to tamper with the game's software. However, many players are not comfortable with granting such low-level privileges.
In brief: Several HP enterprise devices are running firmware containing as many as six unpatched security holes that allow arbitrary code execution. Some of them are at least a year old, and researchers publicly disclosed all of them over a month ago. As of this writing, all remain unpatched.
A lot more convincing than a phishing email
In brief: Steam users are being warned about a new attack tricking people into handing over their account credentials via a browser-in-the-browser phishing technique. Competitive and professional gamers are being targeted, as is anyone with a high-value account.
Former US ambassador warns about data tracking, says the US is making China's surveillance job easier
Big quote: The Federal Trade Commission asked for opinions about data economy and commercial surveillance, and former US ambassador Karen Kornbluh described the situation with grave and unambiguous words.
The vulnerability could allow unauthenticated users to download sensitive information and files from affected servers
It sold secret transcripts to a marketing firm to build profiles using personal information
Far Cry players should watch out for cryptojackers
A new fix for a zero-day flaw already exploited in the wild
The Meta-owned social network will appeal the decision by Irish regulators