Security daily (27-03-2021)

Apple devices get urgent patch for zero-day exploit – update now!

Universal Cross Site Scripting bug means all web browsing is potentially at risk. We explain in plain English. (Naked Security)

Master Excel with This Certification Bundle

Microsoft Excel is one of the most useful tools you can bring into your professional life. However, as useful as Excel is, it can also be difficult to learn on your own. The All-In-One Microsoft Excel Certification Training Bundle is an incredible tool that will take you from Excel beginner to Master for $33.99, on sale for 98% off.

Offering 50+ hours of content and 657 lessons, this Certification bundle will teach you everything from Dashboards & Data Visualization to Automation of Tasks with macros. Excel is a diverse tool that can do so much more than arrange your data, and this training... more (Null Byte « WonderHowTo)

Play Wi-Fi Hacking Games Using Microcontrollers to Practice Wi-Fi Attacks Legally

ESP8266-based microcontrollers can be used to create exciting and legal Wi-Fi hacking games to test your or your friends' Wi-Fi hacking skills.

When you first start learning how to hack Wi-Fi, it can be tempting to use your powers on Wi-Fi networks you don't have permission to use. Needless to say, this can get you into a lot of trouble because Wi-Fi hacking isn't particularly subtle, so it's easy to get caught. To keep you from getting into a predicament, we want to make sure you have access to a couple of fun Wi-Fi hacking games.

The games we've created can be used for a CTF... more (Null Byte « WonderHowTo)

Watch Out! That Android System Update May Contain A Powerful Spyware

Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go under names similar to legitimate pieces of software, this sophisticated new malicious app (The Hacker News)

Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack

Merely weeks after releasing out-of-band patches for iOS, iPadOS, macOS and watchOS, Apple has issued yet another security update for iPhone, iPad, and Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild. Tracked as CVE-2021-1879, the vulnerability relates to a WebKit flaw that could enable adversaries to process maliciously crafted web content (The Hacker News)


/security-daily/ 28-03-2021 23:44:22