ISBuzz Team

It has been reported that Microsoft has released important security updates for Office, Office 365 ProPlus, and Paint 3D products to address multiple newly disclosed bugs in Autodesk’s library for the FBX file format for 3D animations.

It has been reported that a new potentially serious software vulnerability has been discovered in iOS 13 that works via the default Mail app on iPhone and iPad. ZecOps detailed its findings in a blog post, with the most serious vulnerability of the two affecting the latest iOS 13 public release. According to the researchers, these vulnerabilities are widely exploited in the wild in targeted attacks by an advanced threat operator(s) to target VIPs, executive management across multiple industries, individuals from Fortune 2000 companies, as well as smaller organisations.

The Wall Street Journal has reported that sophisticated hackers may be attacking Apple Inc. iPhones by exploiting a previously unknown flaw in the smartphone’s email software. ZecOps announced today that a few of its customers were targeted with two zero-day exploits for iOS last year. One of the vulnerabilities showed that it can be triggered remotely and another one requires an additional vulnerability to trigger it remotely. Researchers said the vulnerabilities are widely exploited in the wild in targeted attacks by an advanced threat operator(s) to target executive management across multiple industries.

The 2020 NFL draft is slated to start Thursday, and thanks to the COVID-19 pandemic, it will be the first virtual version of the event ever presented. This raises a few cybersecurity concerns, according to researchers and the teams themselves — but the NFL is planning on knocking the security ball straight through the uprights. Fans and players alike look forward Draft Day every year, when clubs, choosing based on a pre-set order, ask hopefuls looking to play football on a pro level to join their rosters. This year, club personnel, League staff and prospects will all participate from home. According…

CNN reported that about 8,000 applicants for federal disaster loans may have had their personal information exposed to others using the loan application site, the Small Business Administration said Tuesday. https://twitter.com/FortuneTech/status/1252719917322944518

The espionage hackers masquerading as a well-known Egyptian engineering contractor or a shipment company launched a sophisticated spear-phishing campaign targeting US-based oil and gas companies. What makes this particularly eye catching is the lack of typos, broken grammar and other sloppiness that are typical of phishing emails.

The French government has asked Apple to relax a Bluetooth privacy standard that is hampering the development of a mobile application being designed to track the spread of COVID-19. The government is building an app due to be deployed by May 11, according to Bloomberg. However, there are delays due to one of the inbuilt features designed to protect Bluetooth that stops the communications protocol from constantly running in the background when data is being transferred from an iPhone. https://twitter.com/denniscdietrich/status/1252530014396059649

It has been reported that legislation introduced yesterday could require consumers to click through a warning before downloading software or an app originating from countries deemed a national security risk, including China and Russia. It’s the latest congressional measure to target popular apps like the Russia-based FaceApp and TikTok, owned by the Beijing-based ByteDance, over privacy and security concerns.

With general elections expected to be held within a year, Singapore’s political parties have been issued advisories about the threat of foreign interference and cybersecurity threats. They are urged to seek out precautionary measures to safeguard their ICT infrastructure, data, as well as online accounts. The city-state’s Ministry of Home Affairs, Cyber Security Agency, and Elections Department on Monday said there had been many reports of foreign interference over the past few years in elections overseas, including the French presidential and German federal elections in 2017 as well as the US mid-term and Italian general elections in 2018.

News broke over the weekend, detailing that the stolen records of 20 million users of a popular Android app store have been published online by a hacker who claims to have 19 million more. The data includes “personal identifiable information” including the user’s email address, real name, sign-up data and IP address, device details, and even a date of birth for millions of users. It also includes hashed passwords and some technical information.