Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds.
Threatpost
Posts tagged "Flaw"
SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts
Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds.
Threatpost
MSHTML Flaw Exploited to Attack Russian Dissidents
A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin.
MSHTML Flaw Exploited to Attack Russian Dissidents
A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin.
Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw
The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage (NAS) appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP […]
Threatpost
Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw
The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage (NAS) appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP […]
Threatpost
Microsoft Teams is finally fixing this super annoying flaw
Being plagued by annoying notifications pings whilst on a call may soon finally be at an end for users of Microsoft Teams.
The company has confirmed that it will soon allow users to mute notifications whilst they are in a video conferencing meeting or don't want to be disturbed.
This should mean an end to distracting notifications or alerts when you’re in the middle of an important meeting, particularly as more and more businesses embrace hybrid working.
No more notifications
“The current experience of receiving notifications during meetings is highly distracting and there is no easy way to turn off these notifications making it highly painful for users,” Microsoft's Joao Ferreira wrote in an M365 admin post announcing the news.
“This feature will introduce a setting to help the user turn OFF notifications during meetings.”
In order to activate the setting, users need to click on the ellipsis next to their Microsoft Teams profile picture, then select global settings -> Notifications -> Meetings. Doing so will turn off notifications for all meetings.
If users want to allow certain notifications to come through, say if they are expecting an important email or alert, users can turn notifications on or off for a per meeting basis through the setting provided in the meeting tray.
By allowing users to specify which types of alerts they receive, the latest Teams update should help address common remote working issues that have been increasingly facing workers across the world.
Ferreira noted that the feature is set to begin rolling out in early February, with most users set to have it ready by mid-March 2022. It will be available worldwide to all Microsoft Teams users across desktop and web.
News of the feature first emerged back in November 2021, with Microsoft Teams enjoying a raft of useful updates since then. This includes the addition of chat bubbles so that users wouldn't miss private messages sent during a video call, both 1:1 or as part of a group call.
- Looking to improve your video calls? Check out our roundups of the best business webcams and best headsets for conference calls
Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.
Threatpost
Attackers Exploit Flaw in Google Docs’ Comments Feature
A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said.