Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity• Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591.• Implement multi-factor authentication.• Use strong, unique passwords. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 10. See the ATT&CK for Enterprise for all …

/ Security News /

A global mobile espionage campaign collecting a trove of sensitive personal information from victims since at least 2012 has accidentally revealed itself—thanks to an exposed server on the open internet. It’s one of the first known examples of a successful large-scale hacking operation of mobile phones rather than computers. The advanced persistent threat (APT) group, …