LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition.
The out-of-bounds read vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (

Source: The Hacker News

TotalAV VPN vs Surfshark: Which VPN Should You Choose?

TotalAV combines a simple VPN with antivirus software, while Surfshark offers a standalone VPN with better features and faster speeds.

Source: Security | TechRepublic

Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption

Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure.
“We expect that most users will not be directly affected, however, it is critical that you validate if you are affected and to watch for downtime or other kinds of breakage,” Richard Lander, a program

Source: The Hacker News

Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations

Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users’ privacy using its voice-activated Siri assistant.
The development was first reported by Reuters.
The settlement applies to U.S.-based individuals who are current or former owners or purchasers of a Siri-enabled device who had their confidential voice communications with the

Source: The Hacker News

Cloudflare’s VPN app among half-dozen pulled from Indian app stores

More than half a dozen VPN apps, including Cloudflare’s widely used 1.1.1.1, have been pulled from India’s Apple App Store and Google Play Store following intervention from government authorities, TechCrunch has learned. The Indian Ministry of Home Affairs issued removal orders for the apps, according to a document reviewed by TechCrunch and a disclosure made by Google to […]

Source: Security News | TechCrunch

Apple to Pay $95 Million to Settle Lawsuit Accusing Siri of Snoopy Eavesdropping

Apple isn’t acknowledging any wrongdoing in the settlement, which must be approved by a judge and represents a sliver of the $705 billion in profits that Apple has pocketed since September 2014.

Source: SecurityWeek

Unpatched Active Directory Flaw Can Crash Any Microsoft Server

Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.

Source: darkreading

ZDNET joins CNET Group to award the Best of CES, and you can submit your entry now

Our experts will sift through the thousands of CES exhibitors to find the best tech and bring it to you.

Source: Latest stories for ZDNET in Security

Apple settles Siri lawsuit for $95 million – here’s how much you could get

The class action privacy suit contends that Siri recorded and shared Apple users’ conversations. Apple isn’t the only tech giant in the crosshairs of such legal action.

Source: Latest stories for ZDNET in Security