Enterprise, Workstation, Data Center, Cloud, Networking, Software News And Reviews

In-depth product reviews and news of enterprise, workstation, networking, cloud, SMB, data center and software products and services.

by Lane Babuder - Fri, Aug 19, 2022

That VPN May Be Leaking Your Data On iOS Devices And Apple Has Known For Years

Security researcher Michael Horowitz, not to be confused with the current United States Inspector General, has been updating a blog post titled "VPNs on iOS are a scam" ever since May 2022. The rather lengthy post goes into detail about data leaks that occur outside of a VPN tunnel on iOS. The issue was first reported... Read more...

by Nathan Wasson - Fri, Aug 19, 2022

Researcher Claims TikTok Could Be Secretly Tracking Your Keystrokes

We wrote last week about research showing that Meta takes advantage of the in-app browser feature on mobile devices to inject JavaScript into web pages viewed in the Facebook, Instagram, and Messenger mobile apps. Now that same researcher has found that the TikTok in-app browser injects JavaScript which functions... Read more...

by Mark Tyson - Fri, Aug 19, 2022

Urgent Security Flaw Is Forcing Google Chrome Users To Patch Browsers ASAP

Google has released a Chrome browser update which addresses a zero-day flaw that is currently under active attack. This is the fifth time this year that Google has put Chrome users in a situation where they should act swiftly to apply a patch to a critical security flaw. If you are a Chrome user, please check that you... Read more...

by Ryan Whitwam - Thu, Aug 18, 2022

Mac And iPhone Users Should Download These New Emergency Apple Security Patches ASAP

Anyone with an iPhone in their pocket or a Mac on their desk should be hitting that update button today. Apple has announced an emergency patch for iPhones, iPads, and macOS computers, an increasingly common event. The update addresses a pair of zero-day vulnerabilities in Apple's software, meaning they are already... Read more...

by Nathan Wasson - Wed, Aug 17, 2022

China's Long-Term, Low-Budget Hacks Of Human Rights Groups Are Infuriating

Threat intelligence firm Recorded Future has published a report concerning a long-term credential theft campaign targeting humanitarian, think tank, and government organizations. A hacking group known as RedAlpha is carrying out this ongoing campaign, and is known to have been active as far back as 2015. However, it... Read more...

by Nathan Wasson - Tue, Aug 16, 2022

This Android Banking Malware Steals Your Logins And Then Leaves Ransomware Surprise

An Android Banking Trojan with an already extensive toolkit recently gained a ransomware module. While banking malware is an all too prevalent a threat for mobile devices, ransomware isn’t a technique commonly deployed against mobile devices, making this particular piece of malware notable. Banking trojans come in the... Read more...

by Lane Babuder - Mon, Aug 15, 2022

Zoom Plugged A Major Def Con Security Flaw For MacOS, Get This Update ASAP

When you update your virtual meeting software, you usually don't expect some random software to install all on its own or run commands of its own volition. If you use Zoom on a Mac though, that is exactly what is possible. This is thanks to an exploit in the Zoom updater that was outlined by Objective-See security... Read more...

by Nathan Wasson - Fri, Aug 12, 2022

Facebook and Instagram's In-App Browser Exploits Expose User Privacy Concerns

Facebook’s collection and sale of user data for advertising purposes took a huge hit when Apple introduced its App Tracking Transparency (ATT) feature, with Facebook projecting that it will lose out on $10 billion in revenue this year. However, it appears that Meta, Facebook’s parent company, may still have some... Read more...

by Lane Babuder - Fri, Aug 12, 2022

Facebook Finally Gets Behind End-To-End Encryption For Messenger Chats

It has been a long time coming, but the tech giant Meta has finally realized that its users might just want a little bit of privacy. As of August 11th, it has started testing end-to-end encryption for the Messenger portion of its popular social media platform, Facebook. In a Messenger News blog post, Facebook has... Read more...

by Nathan Wasson - Thu, Aug 11, 2022

Cloudflare Details How It Thwarted The Same Smishing Attack That Stung Twilio

Cloudflare says that it was hit by the same smishing (sms phishing) attack that recently resulted in a user data breach at Twilio. However, unlike Twilio, Cloudflare managed to prevent the attack from escalating to a data breach thanks to its strong security measures. While the attackers managed to steal login... Read more...

by Mark Tyson - Thu, Aug 11, 2022

AMD's Zen Architecture Is Vulnerable To A New Insidious SMT Security Flaw

Researchers have detailed the SQUIP attack, which is particularly worrisome for users of AMD Zen 1, Zen 2 and Zen 3 processors. Researchers were able measure the precise degree of Scheduler Queue Usage (i.e., occupancy) via Interference Probing, giving the attack its name. Using this technique, it was possible in... Read more...

by Nathan Wasson - Wed, Aug 10, 2022

Microsoft Patches DogWalk Zero-Day Flaw That Cruised Past Windows Defenses

Microsoft has finally released a security update that addresses a zero-day vulnerability that went unpatched for more than two years. The vulnerability, known as DogWalk, appears in the national vulnerability index as CVE-2022-34713. Microsoft has assigned the vulnerability a high severity rating of 7.8. The company’s... Read more...

by Ryan Whitwam - Tue, Aug 09, 2022

Start-Up Wants To Give Android Users 'Pretty Good Phone Privacy' To Stop Carrier Tracking

There is widespread concern over the amount of personal data siphoned off by Google, Facebook, and other big tech companies, but that's nothing compared to what your mobile carrier knows. A startup called Invisiv aims to address that with a new beta of its mobile data service. With Pretty Good Phone Privacy (PGPP)... Read more...

by Nathan Wasson - Mon, Aug 08, 2022

Phishing Campaign Hooks Twilio Communications Platform, Catches Customer Data

If we’ve learned anything from reporting on phishing attacks, it’s that no company, organization, or institution is immune from becoming the victim of one. Even the US Department of Defense recently fell victim to a $23.5 million phishing scam. If anything, larger organizations simply make for larger and more... Read more...

by Lane Babuder - Mon, Aug 08, 2022

We put a lot of faith in the prospect that our information is secure. Unfortunately, this is often just not the case. It is not hard for hackers and security ne'er-do-wells to get access to peoples' accounts when they use weak passwords incorporating little more than birthdates and pet names. This is especially true... Read more...

by Marco Chiappetta - Mon, Aug 08, 2022

AMD Threadripper Pro 5965WX Review: Many-Core Zen 3 Monster

AMD has been tearing it up in the desktop market with its Ryzen 5000 series processors since their release, but news on the Threadripper front has been comparatively quiet. Threadripper and Threadripper Pro 3000 series processors launched all the way back in 2020, and up until a few months ago the company hadn’t been talking much about... Read more...

by Nathan Wasson - Fri, Aug 05, 2022

Amazon Sucks Up iRobot In Merger With Bigger Implications Than Cleaning House

Amazon published a press release this morning announcing that it has entered into a merger agreement with iRobot, the company best known for its Roomba line of robot vacuum cleaners. So long as the deal receives shareholder and regulatory approval, Amazon will acquire iRobot for a $61 per share, totaling approximately... Read more...

by Nathan Wasson - Thu, Aug 04, 2022

Emergency Alert System Security Flaws Leave Us Vulnerable To Faked Broadcasts Warns FEMA

The US Government’s Cybersecurity and Infrastructure Security Agency (CISA) maintains a list of exploited vulnerabilities and releases notices urging organizations, particularly government agencies and contractors, to patch said vulnerabilities. However, CISA isn’t the only one looking out for US infrastructure. Ken... Read more...

by Ryan Whitwam - Thu, Aug 04, 2022

North Korean Hackers Used A Stealthy Browser Extension To Snoop Emails

It is always a good idea to secure your online accounts with a strong password and two-factor authentication, but even that might not stop a new piece of malware discovered by security firm Volexity. According to the company's threat research group, North Korea has been slurping up sensitive emails using a clever (but... Read more...

by Nathan Wasson - Wed, Aug 03, 2022

Heads-Up, These Are The Apps Malware Authors Most Often Impersonate

Malware campaigns employ different techniques to smuggle malicious software onto computing devices without the notice of users or anti-virus systems. Threat actors who develop and distribute malware frequently rely on various forms of mimicry to take advantage of users’ trust in legitimate websites, services, and... Read more...

by Mark Tyson - Wed, Aug 03, 2022

Samsung’s Next Gen Flash Storage Products Feed Big Data And Drive Faster Mobile Devices

Samsung talked about its next gen storage technologies during a keynote at the Flash Memory Summit 2022. During the Santa Clara Convention Center event, the South Korean electronics giant touched on what it bills as transformative technology coming to a wide range of devices from the data center to your... Read more...

by Nathan Wasson - Tue, Aug 02, 2022

Ransomware Gang Behind Colonial Pipeline Attack Claims Another Major Victim

In May of last year, Colonial Pipeline was struck by a ransomware attack, prompting the Colonial Pipeline Company to take certain systems offline in an attempt to contain the attack. As a result, all pipeline operations were temporarily halted, shutting off the flow of fuel to the eastern seaboard. Shortly thereafter... Read more...