Items tagged with security
Losing a phone or other mobile device can be a pain, especially if you don’t have any tools like Apple’s FindMy at your disposal. This pain doubles when you find yourself in the middle of nowhere on a camping trip with no cell signal to help you in the search. However, there is a trick that you could use to help...
Read more...
With a purported userbase of over 500 million, WinRAR is one of the world’s most popular file compression tools thanks in part to its never-ending free trial. However, with such prevalence, WinRAR is also a juicy target for hackers to gain a foothold or escalation on a device. Google’s Threat Analysis Group (TAG) has...
Read more...
'
Discord is a great voice, text, and video platform that allows friends, family, and communities of all types to connect in a common space. However, it’s been known that Discord has been used for some terrible things, such as the massive leak of intelligence from the U.S. Pentagon. Now, threat actors are leveraging...
Read more...
Cloud gaming has many advantages, such as lowering the barrier to entry to triple-A titles that require beefier and beefier hardware these days. However, one downside to this ecosystem is that there is a vast centralized dataset that could make for a rather juicy target for hackers. This is exactly what ShadowPC, a...
Read more...
Threat actors and malicious hackers have been targeting gamers with malware for quite some time, as they can be easy targets who download and run strange things from the internet all the time. Such was the case with a trojanized Super Mario game earlier this year that could have stolen information, run ransomware, or...
Read more...
With the recent acquisition of Fakespot, Mozilla is looking to improve Firefox's user experience by tracking fake reviews on popular online shopping sites such as Amazon, Best Buy and Walmart. Reports reveal that Mozilla has integrated this capability into Firefox and testing it currently. The feature will become...
Read more...
Earlier in the year, Google implemented support for passkeys in its products to help move folks away from traditional passwords. In theory, this should make people more secure and have an easier time signing into their accounts, and as such, Google is making it the default means of signing in across personal Google...
Read more...
In early September, Valve received a radio certification in South Korea for an unknown model product listed as “1030.” At that time, it was unclear what exactly that product would be, though it was known that it would be a low-power wireless device of some sort. However, with a recent FCC listing, it is becoming...
Read more...
“It’s getting hot in here, so patch all of your phones” is not the line but is the case for iPhone 15, which was found to have an overheating problem. Users were finding that their phones would become nearly too hot to touch while charging or prolonged use. Since then, Apple has released a patch, which users should...
Read more...
If Marvin the Martian makes it onto your computer and does privilege escalation to take it over, we might now know just how they did it. A new Linux local privilege escalation vulnerability, dubbed Looney Tunables. that can bump basic users to root was discovered, affecting a plethora of Linux installations.
Glibc...
Read more...
If you are reading this on October 4th at 2:20 pm EST and wondering why your devices are making a cacophony of noise, don’t worry as it is just a test. FEMA and the FCC are coordinating to test two emergency alert systems across the nation to ensure preparedness for national-level emergencies.
As mentioned, two...
Read more...
Chinese threat actors are upping their game in the cybersecurity realm, as indicated by new Linux backdoors and other advanced tactics, techniques, and procedures (TTPs). With this, an international multi-agency team led by the National Security Agency (NSA) has discovered a People’s Republic of China-linked group...
Read more...
Side channel attacks are always fascinating to see how they are executed, such as the recent discovery that encryption keys could be stolen by recording power LEDs on various devices. Researchers have found that malicious websites might be able to see usernames and other sensitive information by leaking it from...
Read more...
Nonprofit NGO National Student Clearinghouse handles student data reporting and exchange, serving 3,600 universities and 22,000 high schools around the United States. However, being “the leading provider of educational reporting, data exchange, verification, and research services” would make the organization a rather...
Read more...
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further back with the 2022 social engineering of Marriott. Now, an infostealer campaign...
Read more...
Trend Micro has been tracking a threat-actor group since early 2021, dubbed Earth Lusca, which is purportedly based out of China. Since that initial discovery, researchers have found the group has utilized increasingly sophisticated infrastructure, tools, techniques, and procedures to advance its goals in...
Read more...
If it doesn’t come directly from the Google Play Store, do not download or install whatever application it is. This simple rule could protect you from malware such as that from the Transparent Tribe, a suspected Pakistani threat actor who is hiding remote access tool (RAT) features inside another application that...
Read more...
Misconfigured cloud storage seems to be a recurring problem for Microsoft, who just last year had customer information leak through an exposed Azure Blob Storage server. Now, the Redmond-based company has had 38TB of private internal data leaked thanks to a bucket of open-source AI training data linked on...
Read more...
While Windows is nearly ubiquitous, great for convenience and it offers a familiar end-user experience, some things are more easily done on Linux. Given this odd juxtaposition of popularity versus utility, threat actors targeting Linux are finding a target-rich environment that can still fly under the radar for the...
Read more...
Using wireless signals to discover what is on the other side of a wall is not necessarily a new concept but one that has improved in recent years with advancements in math and machine learning. This has been showcased most recently by a team of researchers out of the University of California Santa Barbara who were...
Read more...
As it turns out, it does not take a team of highly specialized criminals led by one Danny Ocean to disrupt a massive casino network these days. It only realistically takes a team of hackers to bring things to a grinding halt and potentially get away with personal data or money in the era of the digital heist.
From...
Read more...
This month, the Associated Press is warning that the personal information of AP Stylebook customers was compromised in a data security incident over the summer. What tipped the AP off was a series of phishing emails being sent to AP Stylebook customers asking them to provide updated credit card information.
The AP...
Read more...
