ZDNet: Adobe sends out second fix for critical Reader data leak vulnerability

ZDNet: Adobe sends out second fix for critical Reader data leak vulnerability. “Adobe has released a second patch to resolve a critical zero-day vulnerability in Adobe Reader after its original fix failed. The vulnerability, CVE-2019-7089, was patched in Adobe’s February 12 patch release. Buried among 42 other critical bugs, the security flaw was described as a sensitive data leak problem which can lead to information disclosure when exploited.”

PC Magazine: How to Encrypt a Document Stored on Google Drive

PC Magazine: How to Encrypt a Document Stored on Google Drive. “If you want to keep your files safe from prying eyes, encryption is your best bet—especially if you’re going to store those files in the cloud, where data breaches and other security issues can expose them to the outside world.”

eWeek: Duo Security Digs Into Chrome Extension Security With CRXcavator

eWeek: Duo Security Digs Into Chrome Extension Security With CRXcavator. “Cisco’s Duo Security business unit is announcing the public beta of a new tool called CRXcavator on Feb. 21 that will make it easier for organizations to take inventory of the Chrome extensions running across their enterprise, understand what if any risk they pose and then link that to a policy for secure deployment. As part of the effort to build CRXcavator, Duo also looked at more than 120,000 Chrome extensions to discover potential security concerns and risks.”

Ars Technica: Google Play apps with >10 million installs drain batteries, jack up data charges

Ars Technica: Google Play apps with >10 million installs drain batteries, jack up data charges. “Is your Android phone feeling hot to the touch, acting sluggish, in need of frequent charges, or using dramatically more data than it used to? It may be a victim of DrainerBot, a major fraud operation distributed through Google Play apps with more than 10 million downloads, researchers said Wednesday.”

Git money, git paid: GitHub waves larger wads of dollar bills to tempt bug hunters (The Register)

The Register: Git money, git paid: GitHub waves larger wads of dollar bills to tempt bug hunters . “Social code storage biz GitHub, now a ward of Microsoft, on Tuesday divulged plans to make itself more attractive to hackers by flashing larger sums of cash and offering better indemnity.”