Microsoft is making some changes to SymCrypt, which is the core cryptographic function library currently used by Windows. These changes are based on the guidance provided by the National Institute of Standards and Technology (NIST). This is to prepare for a future where quantum computers, which are vastly more...
Read more...
Security researchers at McAfee have discovered new malware targeting Android users, named SpyAgent. The main aim of this malicious software being the theft of seed phrases that can be used to recover cryptocurrency wallets. Although once installed on a device threat actors using SpyAgent will also look to exfiltrate...
Read more...
Researchers at Cado Security have found new malware targeting maOS users, which is dubbed “Cthulhu Stealer.” The malicious app attempts to deceiver users by masquerading as legitimate software, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP. It’s incredibly similar to Atomic Stealer, malware first released in...
Read more...
Security researchers at Cisco Talos have discovered a set of vulnerabilities affecting macOS users who have Microsoft applications installed on their computers, providing more attack vectors for malicious actors. The researchers say that “an attacker could bypass the operating system’s permission model by using...
Read more...
More malware targeting Mac users has been found by searchers at security firm Elastic Security Labs. The malicious software has been dubbed “Banshee Stealer,” and it is able to compromise systems using either Intel or Apple Silicon chips. The researchers says that “this malware presents a severe risk to macOS users...
Read more...
An app designed for Verizon in-store demos, identified as Showcase.apk, has left several generations of Pixel smartphones vulnerable to a number of different types of attacks. The app has been around since 2017, and places nearly every Pixel device sold during that time at risk. However, Google remarked it is...
Read more...
Yet another leak of stolen data has made its way to Breach Forums, a popular site for bad actors who traffic in this kind of data theft. The data originates from the breach of National Public Data, which is a service that gathers information from separate sources to form profiles on individuals located in several...
Read more...
IT infrastructure and security systems built in the cloud are great until one of them shuts down your company. Cybersecurity firm CrowdStrike's marketing material says an average cybercriminal can exfiltrate data within 62 minutes of breaking in. However, it only took the company's cybersecurity suite about three...
Read more...
It appears that AMD is now the latest victim of cybercrime and a data breach, as company data is being offered for sale on a message board frequented by criminal hackers. AMD acknowledged the situation in a statement, noting that, "we are aware of a cybercriminal organization claiming to be in possession of stolen AMD...
Read more...
Are you looking to get some laundry done on the cheap or, even better yet, free? It turns out a security flaw in a popular internet-connected laundry machine vendor could allow anyone to avoid paying the fee for washing or drying clothes. This vulnerability was reported to the vendor months ago and remains unfixed...
Read more...
AirTags and other property tracking tools are remarkably useful for keeping tabs on your stuff wherever it goes. However, on the flip side, hidden trackers are also a concern, with criminals learning to use Apple AirTags to mark vehicles that could be tracked and stolen later. Thankfully, both Apple and Google are...
Read more...
It has been a little while since our last major data breach, with the latest being back on April Fools' with AT&T having the information of 73 million accounts appear on the dark web. However, hackers never rest so it was simply a matter of time before another breach would happen, this time with Dell. A threat actor...
Read more...
Artificial intelligence has been used for some rather interesting applications, such as helping people deal with losing a loved one. While this is a unique use of the technology, there is so much more that AI can be used to improve our daily lives. This includes cybersecurity, which Google is now capitalizing on by...
Read more...
Earlier this month, Microsoft discovered a vulnerability pattern in Android applications that could enable overwriting files and allow remote code execution. This issue that could be leveraged by attackers has also been seen in the wild with several applications, but organizations have seemingly been quick to rectify...
Read more...
While some might say passwords are on the way out, especially with the advent of passkeys that are regarded as a better solution. However, the extinction of the password isn’t a reality yet. Passwords are still around and they're sometimes terribly not secure, especially if you use one of the top 200 worst passwords for any of your accounts.
Read more...
The Google Play Store is the primary app repository for most Android users, and that makes it a tantalizing target for internet ne'er-do-wells. Google says it takes Play Store security seriously—so seriously, in fact, that it has whipped up a nifty little acronym to describe its approach. Google says that it leveraged...
Read more...
In the past few years, the ransomware market has heated up, leading to more payouts for threat actors and more attacks overall. However, in late 2023, with the seizure of BlackCat ALPHV by law enforcement, among other factors, the business side of ransomware-as-a-service (RaaS) has been put on ice, at least somewhat...
Read more...
If you are a threat actor and want to mine cryptocurrency or steal some juicy information, a gamer’s PC is a good target for that sort of thing, given the hardware and software they use. Even better yet is the PC of a game cheater because they are used to downloading sketchy software in the first place, so the barrier...
Read more...
End-of-life hardware can be quite the problem at times, even crashing back into Earth’s atmosphere at supersonic speeds for that matter. Of course, we wouldn’t expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have...
Read more...
I guess the Notepad built into Windows is fine, but it could be better. It could have more features, cleanliness, and could simply just be iterated on as an improvement. Thankfully, there is Notepad++, a free and open-source Notepad replacement and code editor, which has become incredibly popular. With this...
Read more...
Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting caught before it became pervasive, it goes to show that with a bit of social engineering and laying low for a while, you...
Read more...
Artificial intelligence is not perfect. It occasionally spews misinformation, like the time a Chevy AI chatbot was tricked into “selling” a Tahoe for $1, and hallucinations or mistakes in the training data can result in incorrent output. However, the march of AI integration continues, bringing with it these sorts of...
Read more...
