Items tagged with security
If you're a technology enthusiast, you've probably heard of "one-click" malware. This is pretty scary stuff in its own right: one click of a carefully-crafted link in an e-mail or other text message, and you're infected. One-click malware has been around a long time, but there's something even worse these days. It's...
Read more...
One app on the Google Play store has sent users’ contacts to a Russian server on the sly. Then, it signed them up for expensive subscriptions. That one app has already been downloaded half a million times. If you’re among those 500,000 users who downloaded the app, you’d best delete it now. The app is called Color...
Read more...
Are you tired of hearing about Log4shell yet? Well settle in, because a top-3-worst-security-exploit-ever doesn't vanish overnight. Microsoft updated its article about the flaw (which we mentioned on Wednesday) once again, this time with some notes about protecting "non-Microsoft-hosted Minecraft servers."
Indeed...
Read more...
Even if you're from the U.S., you may not have heard of CISA. The Cybersecurity and Infrastructure Security Agency is part of the Department of Homeland Security, and it primarily handles technological threats to the nation. Well, CISA is still in the process of an all-hands red alert thanks to the Log4shell security...
Read more...
If you employ Google's Chrome browser on your desktop, be aware there's an update available that patches up a handful of security flaws, including a zero-day vulnerability that is being actively exploited in the wild. As such, it's a tremendously good idea to manually update Chrome rather than waiting for an automatic...
Read more...
You may have heard about a recent prank making the rounds in Minecraft. By sending a chat message starting with "${jndi:ldap://" users could make their friends' Minecraft client open a browser window and go to a specific website. So naturally, pranksters were sending their friends to all kinds of shocking and...
Read more...
Generally when we talk about "botnets" we're talking about networks of devices infected with malware that serve an unintended (and usually malicious) purpose for an unknown external agent, one who controls the network with a centralized "command and control" service. An example would be the Srizbi botnet, formed by...
Read more...
The iPhones used by at least nine US State Department employees have been compromised using the notorious Pegasus spyware provided by NSO Group, sources say. The recent cybersecurity intrusion, which began in the last several months, seems to be focused on State Department employees either in Uganda, or focused on...
Read more...
If you are an AT&T enterprise customer with some older technology on the edge of your network, your infrastructure may be under attack by a Russian botnet dubbed EwDoor.
In late October this year, researchers at 360 Netlab discovered a threat actor attacking Edgewater Networks' devices using the four-year-old...
Read more...
Security researchers at F-Secure discovered security vulnerabilities affecting over 150 multi-function printer models from HP. That's the bad news. The worse news is, in addition to impacting so many printer models, these are labeled as Critical and High security flaws. Ready for the good news? HP has issued...
Read more...
While you may be trying to buy a Vebjörn desk or snag a deal on a Yttervåg, IKEA is trying to quell an ongoing cyberattack within its infrastructure. On Friday, it was discovered that cybercriminals were targeting IKEA employees with internal phishing attacks, using stolen reply-chain emails.
Reply-chain email...
Read more...
Server admins and security-heads take note: there's a new Windows zero-day that's like leaving the key in the lock. It just requires access to any standard user account, and provides administrative privileges with the execution of a single application. There's pretty much no defense against it as it stands, so keep...
Read more...
It would seem that not even GoDaddy can keep all the children of the internet behaving as they should. The very popular internet domain registrar and web hosting giant announced yesterday that its security was compromised last week.
GoDaddy announced yesterday that it had discovered on November 17th there was an...
Read more...
This is the time of year for giving thanks, munching on fried turkey (you are frying it, right?) and delicious side dishes, and shopping bargains on gaming laptops, TVs, and everything else. It's also when ransomware and other digital crooks ramp up their efforts to ruin the holidays. As such, the Federal Bureau of...
Read more...
It sometimes (maybe oftentimes) feels like Big Tech plays fast and loose with our privacy and security, as if an apology and a mea culpa after the fact makes everything okay. As much as they'd like that to be the case, it doesn't always suffice. Not in the eyes of the United States Federal Trade Commission, anyway...
Read more...
This should go without saying, but "password" is a terrible password. The same goes for "12345" and "123456," among others. And no, adding more numbers in sequential order won't make your account more secure because as it turns out, "123456789" is the second most commonly used bad password, according to a new report.
Researchers at NordVPN
Read more...
As ransomware and cybercrime are constantly making the headlines these days in traditional electronic mediums, Zelle banking users are also finding themselves being targeted by scammers. Worse yet, in the wake of having funds stolen from bank accounts, victims are finding little to no help from their banking...
Read more...
There's no denying that cybersecurity is a major concern for anyone on the internet. One wrong move can get your device infected with malware that can steal your personal data, corrupt or encrypt your precious, unreplacable files, and even worse, snatch your credentials. Even if you avoid malware, there's myriad other...
Read more...
Russian hackers are reaching out to Chinese threat actors in an attempt to share tips and collaborate on cyber attacks. This comes at a time where there has been an increase in activity of Mandarin and Chinese-speaking players on RAMP and other communities across the dark web.
RAMP was created last summer by a...
Read more...
In computer security, "cracking" systems is all about gaining access where you aren't supposed to have it. One of the most definitive ways to do this is by "pwning"—or "taking control of"—a system's main memory interface. Normally, doing so requires physical access to the system, but security researchers have...
Read more...
A couple of weeks ago a hacker managed to infiltrate Robinhood's network and access email addresses and full names for millions of customers. The person who is purportedly responsible has now listed the stolen data for sale on a popular underground forum where they are seeking a payday of at least five figures...
Read more...
An Android malware analyst at Kaspersky continues to expose apps in Google play that may appear legitimate at first glance, but actually have a sinister underside. Each of the nearly two dozen apps (so far) identified since late July contain a Joker trojan, which itself features a bag of devious tricks to swindle...
Read more...
