It's a good idea for big organizations to hire security researchers for help securing their systems. No matter how much effort you put into something (like securing your network), it can sometimes require a person looking at it from a different angle to point out a problem you couldn't see.
Given that lede and...Read more...
Do you let your browser store logins for websites like Twitter, Facebook, or HotHardware? Well, you probably shouldn't. Not only does it let anyone who gets on your PC access your personal information, but it also opens you up to easy attacks from "info-stealer" malware.
South Korean cyber-security firm Ahnlab just...Read more...
Nobody wants to rack up bad karma, which should be reason alone not to pilfer movies from the internet via BitTorrent or whatever other means. But even disregarding the moral aspect or pirating movies and games, there's another reason not to engage in such behavior—you could end up with a malware infection. Some...Read more...
You may have heard about a recent prank making the rounds in Minecraft. By sending a chat message starting with "${jndi:ldap://" users could make their friends' Minecraft client open a browser window and go to a specific website. So naturally, pranksters were sending their friends to all kinds of shocking and...Read more...
Security researchers at F-Secure discovered security vulnerabilities affecting over 150 multi-function printer models from HP. That's the bad news. The worse news is, in addition to impacting so many printer models, these are labeled as Critical and High security flaws. Ready for the good news? HP has issued...Read more...
There's no denying that cybersecurity is a major concern for anyone on the internet. One wrong move can get your device infected with malware that can steal your personal data, corrupt or encrypt your precious, unreplacable files, and even worse, snatch your credentials. Even if you avoid malware, there's myriad other...Read more...
Do you ever forget to type the TLD (like, ".com") for websites that you visit, then click the top result when the inevitable search comes up? We might recommend you to stop doing that in the future. At least on Google and Bing, the first few results are advertisements, and those advertisements might not be as safe as...Read more...
Cheaters never prosper, especially when they are being targeted by ransomware-laden files scattered about the internet. Whether or not comeuppance like this is deserved, Japanese Minecraft players looking for alternate accounts to cheat or circumvent bans are being infected by the Chaos ransomware variant in a ghastly...Read more...
Everyone who uses an Android phone has probably had some security-conscious acquaintance ask, "don't you know how much data your phone is harvesting?" Most of us shrug it off as one of the unavoidable circumstances of modern life: you want a smartphone, you deal with data harvesting. Still, some folks aren't so...Read more...
Network Attached Storage (NAS) devices from Synology are being targeted by the StealthWorker Botnet in an ongoing brute-force attack that could lead to ransomware infections. Perhaps we should just drop the “network attached” of NAS portion for now.
According to an August 4th report, Synology’s Product Security...Read more...
A seven-year-old local privilege escalation bug has reared its head and finally got a fix. When it was available, exploiting the vulnerability in the polkit authentication service could have allowed attackers to get a root shell on several actively-used Linux distros.
On Linux, polkit is effectively a bouncer of...Read more...
The threat actors behind the SolarWinds attacks late last year have come back online and are targeting international development, humanitarian, and human rights organizations, according to new data from Microsoft. The Russian-based hacking group, called Nobelium, managed to compromise an email marketing account for...Read more...
Given that data leaks are occurring even more frequently these days, it is a matter of when, not if, your information makes it to the open web. Cybercriminals are constantly on the prowl looking for a new way to make a quick buck, and clearly the system is working for them. New data reports that over 5 billion records...Read more...
Israeli-based digital intelligence company Cellebrite provides software that enables the extraction of data from devices. While law enforcement loves this, it raises ire from phone manufacturers and individuals alike, with privacy concerns abound. Interestingly, the CEO of Signal got their hands on one of these...Read more...
Security breaches and data loss have been rampant problems for companies in recent years, with it seeming like there was a new victim every week. These security issues have also had some dire consequences, such as the first possible ransomware-related death at a hospital. As such, organizations are facing a harsh...Read more...
When it comes to updates for Android devices, Google has made some critical infrastructure improvements over the years to streamline the process for users. It's now easier for OEMs to push out standalone updates for devices, including security updates, to customers. However, for whatever reason, some OEMs aren't too...Read more...
Security researchers at Trend Micro say they have uncovered "several vulnerabilities" within an Android application that has been downloaded more than 1 billion times from Google Play. The app is called SHAREit by Smart Media 4U, and it is designed to make transferring photos, videos, music, and other things a snap...Read more...
Complete honesty is not a mantra for many online retail sites, at least according to a study released by Princeton University. The school conducted an automated crawl of more than 11,000 online shops and found that around one in six used some form of deceptive practice to hawk their goods. While some of those online...Read more...
Attackers with physical access to a device can generally do the most damage to a machine. This remains true with CVE-2020-8705, where an attacker with physical access can gain control of the system firmware while the device resumes from a sleep state. This means there could be privilege escalations, data loss, and...Read more...
A security firm warns that an "unskilled attacker" could leverage a security flaw in SonicWall VPN (virtual private network) appliances to run arbitrary code remotely, causing a persistent denial of service (DoS) condition. Or put more plainly, the SonicWall VPN has a serious security hole that makes it easy for even...Read more...
The internet is a place where it's difficult to trust anything that anyone says. A recent case of more than a handful of VPN providers who claim to keep no logs of their user's activity, yet leaked activity logs, highlights that you can't trust anyone online. As it turns out, the seven VPN providers were logging user...Read more...
TikTok has taken the world by storm as people of all ages uses the social networking platform to share videos. People use the platform to lip-sync to their favorite songs, perform short skits, or any number of humorous hijinks that the platform has been recognized for over the past year. It’s become a blockbuster app...Read more...