Items tagged with security
Researchers at a cybersecurity firm headquartered in Israel say they recently alerted Microsoft to a startling vulnerability in its Azure Cosmos DB database service. Multiple flaws could allow an attack to "gain complete unrestricted access" to accounts and databases of several thousand companies, including Fortune...
Read more...
We often cover vulnerabilities in Windows 10 that involve convoluted methods of gaining admin access to systems using privilege escalation. However, the latest exploit involving software for Razer products is facepalm-worthy in its sheer simplicity.
In this case, the problem stems from Razer's Synapse software, which...
Read more...
Earlier this week, it was alleged that T-Mobile suffered a devastating data breach that resulted in the leak of personal data from over 100 million customers. Today, T-Mobile confirmed the breach, but the number of affected individuals is less than half of what was previously reported.
The confirmed 47 million...
Read more...
T-Mobile is now investigating a massive customer data breach claim that could affect up to 100 million users. The leak, which appeared on a leak and database selling forums on Saturday, claimed to have 30 million unique social security numbers and driver's license information.
In the samples provided, it also...
Read more...
Following call center company Teleperformance allegedly forcing employees to undergo AI camera surveillance, Amazon wants to monitor its own customer service employees. Soon, Amazon could use a system that captures all workers' keystrokes to run behavioral analysis and prevent malicious hackers or imposters from...
Read more...
Not everything has to be high-tech to perform dastardly deeds these days, and the same is true of malware. However, malware can slip by conventional security solutions using some email tricks and social engineering and still infect end-users, as Microsoft reports.
This Tuesday, the Microsoft Security Intelligence...
Read more...
Hey, good news, in case you missed it—Microsoft earlier this week announced it has completed its investigation of an annoyingly persistent printer exploit, and issued a series of patches to get rid of the problem. Ready for the bad news? Another similar security vulnerability has reared its ugly head, and Microsoft...
Read more...
Yesterday, criminal hackers stole approximately $600 million in varying cryptocurrencies from the PolyNetwork, a blockchain interoperability company. Now, in an interesting turn of events, the hackers have begun returning the stolen funds in what was to be one of the biggest cryptocurrency thefts ever.
As it stands...
Read more...
Digital security and cyber safety are paramount in an era where people are constantly out to make a quick buck and steal your information. Thus, Norton LifeLock and Avast agreeing to a merger to form a new cyber safety business comes as no surprise in the ever-shifting threat landscape.
Announced yesterday, the...
Read more...
Microsoft is pretty confident that it has finally addressed the dreaded PrintNightmare that has been keeping IT admins awake at night. Okay, maybe that is a slight exaggeration. However, the vulnerability within Microsoft's Windows Print Spooler service has definitely been a recurring headache, and is seemingly fixed...
Read more...
Ransomware infections have been on the rise lately, affecting companies like Gigabyte or, more famously, Kaseya. Subsequently, the fight against the ransomware plague needs to meet and exceed threat actors’ efforts, and Microsoft is looking to help. In collaboration with the Microsoft Threat Intelligence Center...
Read more...
Network Attached Storage (NAS) devices from Synology are being targeted by the StealthWorker Botnet in an ongoing brute-force attack that could lead to ransomware infections. Perhaps we should just drop the “network attached” of NAS portion for now.
According to an August 4th report, Synology’s Product Security...
Read more...
Earlier in the month, Tenable security researchers discovered a vulnerability allowing attackers to bypass authentication on millions of routers from 17 different vendors. However, it now appears that threat actors are actively exploiting this to deploy malicious Mirai botnet payloads.
Evan Grant of Tenable...
Read more...
Which do you prefer when browsing the web—raw speed or a combination of security and privacy? Generally speaking, modern browsers deliver the whole kit and caboodle, which is the way it should be. That said, Microsoft is testing a new "Super Duper Secure Mode" for its Edge browser that puts more of an emphasis on the...
Read more...
Google is looking to make home security cheaper and easier to setup using wire-free options, smart alerts, and enhanced privacy via a line of new next-generation of Nest Cams and Doorbell. With these new products, Google is taking a hard swing at Amazon with its Ring family of products.
Google Nest Cam
Kicking...
Read more...
If you want to be stealthy, perhaps not wearing a hot pink suit is a good choice. When it comes to cybersecurity, avoiding computer languages that people have come to know and recognize is a good idea as well. Threat actors have seemingly figured out the latter as some malware has now been built using “exotic”...
Read more...
In the past, there have been some big slip-ups when commentators did not know that they were on-air and began speaking their mind to other people. This seems to have happened again at the Tokyo Olympics when an Italian TV announcer did not realize he was live on-air when he asked for his computer password.
Posted...
Read more...
Hackers and threat actors are constantly searching for new ways to breach systems for cybersecurity research or exploitation, respectively. Thankfully, French researcher Gilles Lionel got to an NTLM Relay Attack, dubbed PetitPotam, first. Now, Microsoft has released a mitigation technique that IT admins should...
Read more...
Microsoft is warning of a vulnerability in both Windows 11 (not yet released, but available in preview form to Windows Insiders) and Windows 10 that could reveal a user's admin password, which in turn could be used to elevate their own system privileges. That's obviously not a good thing, as it would essentially grant...
Read more...
Earlier this year, the Colonial Pipeline ransomware incident crippled fuel delivery to the Eastern Seaboard, sending people into a panic and decreasing the supply of gas, if only briefly. Amazingly, this is only the first time something of this scale has happened, but hopefully, it will be the last. The Department of...
Read more...
Just as there is a traditional weapons market, a private sector cyberweapons market enables people and organizations to attack anyone worldwide for a fee. However, Microsoft takes this threat of cyberweapons seriously, and is now working to fight the problem head-on.
Yesterday, Microsoft's Cristin Goodwin, General...
Read more...
Remember that scene in Office Space where a trio of disgruntled employees take a problematic printer to field and beat it to a pulp? Anyone who has ever dealt with stubborn printer issues has probably felt that way. It doesn't help that we also have to worry about printer vulnerabilities messing up our day, and to...
Read more...
