Items tagged with security

There's a lot to love about Windows 10, but as it happens, there are a bunch of caveats to be aware of, as well. In fact, as soon as the OS released last week, security experts the world over began to raise a stink about how this is the OS that basically throws away your privacy, and in some cases, even your control. One example of the lack of control relates to Windows Update, something we've covered multiple times in the past. In effect, even those using the Pro version of the OS have less control over how updates are handled versus previous versions, and while an add-on tool has been released... Read more...
Windows 10 is off to a blazing fast start. The last official count had Windows 10 installed on more than 14 million devices in its first 24 hours, and unofficially there are now more than 67 million PCs and hybrids running the new OS. So naturally the bad guys are looking to capitalize on the situation, which they're doing via a nefarious ad campaign.As you know, Windows 10 is a free upgrade for Windows 7 and Windows 8.1 users. Since Microsoft is doling out the upgrade in phases, there are millions of eligible people still waiting their turn, and that's what the malicious email campaign is based... Read more...
Earlier this week, we learned of a scary piece of malware that can strike almost all Android devices in use. As has become a theme of late, the exploit is trigged via a simple text message. While it's easy to assume that you'll be safe simply by not reading any unsolicited text messages from people you don't know, this bug can be effective enough to not even require you to open it. If the attack is successful, the phone can be remotely accessed in full. That even includes being able to trigger the camera and microphone. Suffice to say, this is a serious bug, and while there's been no proof of it... Read more...
Remember when getting hacked meant loss of control of your PC and/or stolen data? It could be embarrassing, sure, and you could even be fired if a weak password contributed to the theft of sensitive company information. However, more recent hacks of shown a frightening trend towards causing physical harm. Earlier this month, security researchers demonstrated the ability to remotely hijack virtually all controls in a Jeep Cherokee, including steering and braking. And now we're finding out that hackers can disable or change the target of a computer-aided sniper rifle. Scary times we live in, folks.... Read more...
We reported earlier this week that a Jeep Cherokee could be remotely accessed and controlled, and I wouldn't blame anyone for being a skeptic. After all, what are the chances of someone remote being able to disable the transmission? Well, with Fiat Chrysler's response, I think that question has been answered. In a press statement issued today, the company has announced that it's recalling 1.4 million cars that are equipped with certain UConnect radios. Dodges, Jeeps, Rams, and Chrysler's are affected. Ultimately, it seems like this recall isn't going to be that painful for owners of the affected... Read more...
Is there anything scarier than the thought of a hacker remotely taking control of your vehicle's steering and braking functions as you barrel down the highway? Well sure, being eaten alive by flesh eating zombies like an episode of The Walking Dead would cause most people to soil their undergarments, but losing control of your vehicle certainly ranks right up there. And unlike the zombie scenario, these remote vehicle hacks are really happening. The newest threat is an exploit that exists in car infotainment systems that could allow an attacker to take complete control of a vehicle's brakes and... Read more...
Microsoft is plugging a security hole with a new Critical-rated security update. The patch will fix an issue in Windows and OpenType fonts that could expose users to malicious website content. So long as you have automatic updates enabled, your PC will download and install the patch, if it hasn’t already. “This security update resolves a vulnerability in Windows that could allow remote code execution if a user opens a specially crafted document or goes to an untrusted webpage that contains embedded OpenType fonts,” Microsoft said in a statement. It deems the hole dangerous enough to have released... Read more...
Over the past five years, where the bulk of Microsoft's revenue comes from has skewed quite a bit. As the company begins to transition its Windows OS to become a "service" (and not to mention, largely giving it away for free up-front) and deal with other products that are suffering decreased revenue, the company has been putting a lot of effort into its cloud solutions. Today, Microsoft's Azure platform is huge, and feature-rich. To give an idea of just how much cloud matters to Microsoft, there is a lot of Linux that runs throughout its own solutions. The company would of course prefer its customers... Read more...
Two months after dating website AdultFriendFinder was breached and had its info leaked, the exact same thing is happening to a trio of websites belonging to Avid Life Media, including AshleyMadison. If all of the information stolen does in fact get leaked, it won't bode well for its members. AshleyMadison is a website that promotes infidelity, and it doesn't sugar-coat it. "Life is short. Have an affair" is its tagline. With this breach, though, it should add "As long as you don't mind others knowing about it." The other websites affected include dating websites Cougar Life and Established Men.... Read more...
To quote the Guinness brothers, rewarding security researchers with frequent flier miles in exchange for rooting out system bugs is "brilliant!" That's what United Airlines is doing, and it's already given out two of its highest awards available -- one million miles -- which is enough to redeem for dozens of domestic flights (or less if flying first class). United is the only airline to offer such a program. It was unveiled back in May only weeks before technical woes forced the company to ground its planes on two separate occasions. One was due to an inability to access United's... Read more...
Has the time come to put Adobe's Flash Player plugin out of our misery? Facebook CSO Alex Stamos thinks so. In a series of Twitter posts, Stamos makes a plea for Adobe to set a date to euthanize Flash, allowing the web and Internet users at large to move on to better (and more secure) technologies. The question is, will Adobe do it?Probably not at the sole behest of Stamos, though he isn't the only one calling for an end to Flash. An anonymous group calling it Occupy Flash has been pushing for the same thing for the past few years. The Occupy Flash website has been tweeted out thousands of times,... Read more...
Whether you use Snapchat to send goofy faces to friends and family, or fling more sultry looking photos to a lover, you probably don't want those snapshots falling into the wrong hands. Unfortunately for users in the United Kingdom, new legislation could force messaging applications to be less secure so the government can peep encrypted communications.Apps like WhatsApp, iMessage, and Snapchat would all be banned as currently constructed if the new laws take effect. That's because the legislation being pushed would only allow apps to use encryption if there's a backdoor for government agents. The... Read more...
In the wake of recent security threats that have come to light, Mozilla has made the decision to block Adobe Flash content by default on all versions of its Firefox browser. Mark Schmidt, head of Firefox support at Mozilla and CEO of SupportHacker, announced the change via Twitter on Monday, adding that this is a temporary thing. "BIG NEWS!! All versions of Flash are blocked by default in Firefox as of now. To be clear, Flash is only blocked until Adobe releases a version which isn't being actively exploited by publicly known vulnerabilities," Schmidt said. This has been a bad month for Adobe and... Read more...
We reported last week on a new zero-day vulnerability in Adobe Flash that was revealed following the leak of data from the Italian hacking group "Hacking Team". It's hardly a surprise when such a vulnerability is found in either Flash or Java, and as sad as it is, it's not even surprising to learn that two more have been found. Oy! The latest vulnerabilities, named CVE-2015-5122 and CVE-2015-5123, are considered critical, and affect the Flash player on Windows, OS X, and Linux. A verbatim threat to last week's vulnerability, "successful... Read more...
1 2 3 4 5 Next ... Last