Hive Systems has released the 2025 edition of its password crack time estimate table, and it's a doozy. Among many other findings, the company's researchers calculated that all random passwords around 8 characters in length are easily brute-forced with only consumer-grade hardware.
Hive Systems used only 12 RTX...
Read more...
Hertz Corporation has warned about an alarming data breach that might have exposed sensitive customer data to hackers. The rental car company has provided details of the breach, the measures it has taken, and what potentially affected individuals can do to safeguard their personal information, if needed.
In a...
Read more...
Phishing attacks continue to surge, with estimates indicating over 800,000 victims in the first quarter of 2024, a 4% rise from the same period the previous year. Attackers persistently try to deceive individuals into revealing their credentials. While Two-Factor Authentication (2FA) is commonly used as a defense...
Read more...
Apple's USB Restricted Mode, a key iOS security feature since 2018 designed to prevent unauthorized USB data access, has been found to have vulnerabilities exploited in sophisticated cyberattacks. Yesterday, the smartphone giant addressed this security flaw with iOS 18.3.1 and iPadOS 18.3.1. The vulnerability allows...
Read more...
China's DeepSeek made quite the splash late last month, both within the tech industry at large and by disrupting the US stock market, at least initially. In particular, DeepSeek's open-source R1 model made waves by challenging far more expensive AI solutions—the R1 model was reportedly built on a comparatively meager...
Read more...
AMD and Google's Security Team have disclosed a major microcode vulnerability affecting all AMD EPYC processors built on the Zen 1 through Zen 4 architectures. That means EPYC 7001 (Naples), 7002 (Rome), 7003 (Milan), and 8004/9004 (Genoa/Bergamo/Siena) series chips are all impacted. The vulnerability, assigned...
Read more...
Malicious actors have a variety of techniques to try and ensnare victims online, one of which is scareware. It entails displaying web pages designed to convince a user that their system has been somehow compromised, but promises to offer a tech support solution that will “fix” the issue. Microsoft is now providing a...
Read more...
As more and more sites and services have required login accounts, users have become overwhelmed with having to juggle so many passwords. This typically leads to users making poor choices, such as reusing passwords or passwords that are too simple and inherently unsecure. The situation has improved slightly with...
Read more...
Medical device manufacturer Artivion, who specializes in making products used by cardiac and vascular surgeons to treat patients, has been hit with a ransomware attack. It was severe enough attack that it has disrupted the company’s operations to the point it needed to disable some of its systems. The company...
Read more...
Security researchers at Any.Run have found a new zero-day attack currently being used by threat actors to evade detection tools used by security professionals. This new technique “evades antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your...
Read more...
It might seem as if threat actors have been more heavily targeting mobile users lately with malware and exploits, but it doesn’t mean desktop users can drop their guard. Researchers at ESET have discovered a vulnerability in several Mozilla products, which are currently being exploited by a Russian hacking group known...
Read more...
Wordfence, a cybersecurity company that specializes in making WordPress security products, has found a critical vulnerability in a plugin used by over 4 million internet websites. The company says that “this is one of the more serious vulnerabilities that we have reported on in our 12 year history.”
The affected...
Read more...
Security researchers at Kaspersky have discovered malware, dubbed SteelFox, which has been spreading “via forums posts, torrent trackers and blogs” since February of last year. It’s a potent piece of malicious software that attackers can use to extract a whole host of data from a victim’s computer, and can even enable...
Read more...
In what feels like a serious case of déjà vu, a piece of Android malware initially discovered two years ago, and spotted this time by cybersecurity firm Zimperium, is making the rounds again with a new version sporting several alarming advancements. While the malicious app has a new coat of paint, the aim is still the...
Read more...
With threat actors constantly targeting Android users with spam to distribute new malware, and even going so far as to repurpose older malware, Google is upgrading Messages to better protect users. The company is bringing “new controls and features to make your conversations on Google Messages even more secure and...
Read more...
Google’s Pixel line-up of smartphones have long been among the best Android devices on the market, and our often touted as examples of what Google thinks a smartphone running its operating system should be. And it's not just about the hardware and software, Pixel owners also get phones that offer great security, due...
Read more...
When Microsoft kicked off the Copilot+ PC era earlier this year, one of the more highly touted features was Recall, which would create a searchable history of everything a user did on their PC. It was immediately torn apart by many security researchers and criticized by many users. This backlash led to the company...
Read more...
The Irish Data Protection Commission (DPC) is levying a $102 million fine against Meta for violating the General Data Protection Regulation (GDPR) principles of integrity and confidentiality. After a five-year investigation, the watchdog found that the social media giant was inadvertently storing user passwords in...
Read more...
Security software provider Kaspersky, which will soon be banned from selling or providing its services in the United States, promised a smooth transition for current customers. However, many of these customers were shocked to find that their Kaspersky antivirus software had suddenly deleted itself and was...
Read more...
In what feels like déjà vu, a particular piece of Android malware has managed to sneak its way back into apps available in the Google Play Store after initially being discovered in 2019. The security research team at Kaspersky shared that the "Necro" trojan was found within several popular apps that, according to...
Read more...
Microsoft is making some changes to SymCrypt, which is the core cryptographic function library currently used by Windows. These changes are based on the guidance provided by the National Institute of Standards and Technology (NIST). This is to prepare for a future where quantum computers, which are vastly more...
Read more...
Security researchers at McAfee have discovered new malware targeting Android users, named SpyAgent. The main aim of this malicious software being the theft of seed phrases that can be used to recover cryptocurrency wallets. Although once installed on a device threat actors using SpyAgent will also look to exfiltrate...
Read more...
