IT infrastructure and security systems built in the cloud are great until one of them shuts down your company. Cybersecurity firm CrowdStrike's marketing material says an average cybercriminal can exfiltrate data within 62 minutes of breaking in. However, it only took the company's cybersecurity suite about three...
Read more...
It appears that AMD is now the latest victim of cybercrime and a data breach, as company data is being offered for sale on a message board frequented by criminal hackers. AMD acknowledged the situation in a statement, noting that, "we are aware of a cybercriminal organization claiming to be in possession of stolen AMD...
Read more...
Are you looking to get some laundry done on the cheap or, even better yet, free? It turns out a security flaw in a popular internet-connected laundry machine vendor could allow anyone to avoid paying the fee for washing or drying clothes. This vulnerability was reported to the vendor months ago and remains unfixed...
Read more...
AirTags and other property tracking tools are remarkably useful for keeping tabs on your stuff wherever it goes. However, on the flip side, hidden trackers are also a concern, with criminals learning to use Apple AirTags to mark vehicles that could be tracked and stolen later. Thankfully, both Apple and Google are...
Read more...
It has been a little while since our last major data breach, with the latest being back on April Fools' with AT&T having the information of 73 million accounts appear on the dark web. However, hackers never rest so it was simply a matter of time before another breach would happen, this time with Dell. A threat actor...
Read more...
Artificial intelligence has been used for some rather interesting applications, such as helping people deal with losing a loved one. While this is a unique use of the technology, there is so much more that AI can be used to improve our daily lives. This includes cybersecurity, which Google is now capitalizing on by...
Read more...
Earlier this month, Microsoft discovered a vulnerability pattern in Android applications that could enable overwriting files and allow remote code execution. This issue that could be leveraged by attackers has also been seen in the wild with several applications, but organizations have seemingly been quick to rectify...
Read more...
While some might say passwords are on the way out, especially with the advent of passkeys that are regarded as a better solution. However, the extinction of the password isn’t a reality yet. Passwords are still around and they're sometimes terribly not secure, especially if you use one of the top 200 worst passwords for any of your accounts.
Read more...
The Google Play Store is the primary app repository for most Android users, and that makes it a tantalizing target for internet ne'er-do-wells. Google says it takes Play Store security seriously—so seriously, in fact, that it has whipped up a nifty little acronym to describe its approach. Google says that it leveraged...
Read more...
In the past few years, the ransomware market has heated up, leading to more payouts for threat actors and more attacks overall. However, in late 2023, with the seizure of BlackCat ALPHV by law enforcement, among other factors, the business side of ransomware-as-a-service (RaaS) has been put on ice, at least somewhat...
Read more...
If you are a threat actor and want to mine cryptocurrency or steal some juicy information, a gamer’s PC is a good target for that sort of thing, given the hardware and software they use. Even better yet is the PC of a game cheater because they are used to downloading sketchy software in the first place, so the barrier...
Read more...
End-of-life hardware can be quite the problem at times, even crashing back into Earth’s atmosphere at supersonic speeds for that matter. Of course, we wouldn’t expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have...
Read more...
I guess the Notepad built into Windows is fine, but it could be better. It could have more features, cleanliness, and could simply just be iterated on as an improvement. Thankfully, there is Notepad++, a free and open-source Notepad replacement and code editor, which has become incredibly popular. With this...
Read more...
Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting caught before it became pervasive, it goes to show that with a bit of social engineering and laying low for a while, you...
Read more...
Artificial intelligence is not perfect. It occasionally spews misinformation, like the time a Chevy AI chatbot was tricked into “selling” a Tahoe for $1, and hallucinations or mistakes in the training data can result in incorrent output. However, the march of AI integration continues, bringing with it these sorts of...
Read more...
A team of researchers recently found a side-channel vulnerability in Apple’s custom SoC architecture that does not appear patchable and allows for the theft of encryption keys.
The research team, which hails from six different universities around the United States, published its findings and is calling it the...
Read more...
Over the weekend, the hero shooter game Apex Legends, made by EA and Respawn Entertainment, held a tournament that was reportedly compromised by hackers. Multiple players' systems were breached, and game cheats such as X-ray vision and aimbots were installed. How exactly this happened is unclear at this time, but it seems as if it is an issue
Read more...
StopCrypt ransomware is one of the most prolific yet underreported ransomware families due to its usual target of individuals rather than high-profile businesses or larger entities. We may not see this strain of ransomware in the United States as much, but it is still a threat regardless, and an evolving one at that...
Read more...
This week, researchers have reported that earlier this year, threat actors leveraged a vulnerability in Windows to deploy DarkGate malware after phishing the victim for initial access. The vulnerability tracked as CVE-2024-21412 led to users running fake Microsoft software installer (.MSI) packages that looked like...
Read more...
Over the past few months, the infamous ransomware group LockBit has faced significant turmoil, including threatening a forum administrator with murder. All while this was happening, members of the group like Mikhail Vasiliev were sitting in jail, awaiting trial for their cybersecurity crimes. Now, Vasiliev has been...
Read more...
Account credentials and personal data are hot commodities online, which often going up for sale at low prices so shady characters can move thousands of accounts quickly. This is reportedly what has happened to just over 15,000 Roku customers who had their accounts compromised due to credential stuffing attacks that...
Read more...
Researchers have shown that running a man-in-the-middle attack against a Tesla owner can potentially compromise their account, unlock their car, and ultimately allow threat actors to drive away with it. There are, of coruse, a number a caveats. Much of this hinges on some social engineering, and tricking the Tesla owner to use a spoofed Wi-Fi
Read more...
