Items tagged with security
Over the past few years, biometric security solutions have been on the rise, replacing the use of traditional passwords on both mobile devices and the PC. Windows Hello is one such implementation. It allows users to near-instantaneously log onto their machines with their face or fingerprint (or a PIN), and is in wide...
Read more...
Earlier this year, a vulnerability within Apple’s WebKit for Safari was discovered by Google’s Threat Analysis Group (TAG) and then tracked as CVE-2021-1879. Now, it is reported that this vulnerability was likely exploited by a familiar Russian government-backed threat actor: Nobelium.
Yesterday, Google TAG...
Read more...
After last week's out-of-band update to patch the PrintNightmare vulnerability, Microsoft has now released more vulnerability fixes as part of Patch Tuesday. With this update, the Redmond, Washington-based company knocked out a whopping 117 security issues that garnered a variety of concerns.
Patch Tuesday has become...
Read more...
It appears that REvil, the threat actor group behind attacks on JBS Global and Kaseya, among others, has gone dark. While this could be a good thing, it may not be worth holding your breath as there are other explanations for REvil “disappearing” in the short term.
Prior to the July 4th holiday in the United States...
Read more...
Yesterday, Microsoft reported that it had detected a 0-day remote code execution exploit being used in the wild against SolarWinds’ Serv-U FTP product. The vulnerability that allowed this exploit has since been patched, but it is still disconcerting, nonetheless.
Tracked as CVE-2021-35211, the vulnerability reported...
Read more...
If you are still relying on Apple's discontinued AirPort Time Capsule to back up you data, you may want to seek out an alternative. Otherwise, you could lose all your files to what a data retrieval company is calling a flaw in the physical design, which in the firm's experience, can actually warp the hard disk drive...
Read more...
Customers of Kaseya's Vector Signal Analysis (VSA) software are being warned to be on the lookout for phishing emails claiming to offer up a security update, but in reality contain a malicious payload. The phishing campaign is a result of a massive supply chain ransomware attack that spread through software created by...
Read more...
As if fussing with a printer is not maddening enough, a recent Windows Print Spooler exploit called 'PrintNightmare' left users vulnerable to remote code execution attacks. Not cool. Fortunately, Microsoft has made rather quick work of rolling out an out-of-band patch, which is being sent out via Windows Update (or...
Read more...
Over the weekend, cybersecurity experts, forensics teams, and white-hat hackers worldwide have been battling the ransomware incident affecting Kaseya VSA customers. Now, the Florida-based IT and remote management company is reporting that fewer than 60 customers and 1,500 downstream companies have been affected by...
Read more...
Audacity sparked quite the firestorm over the weekend after the scope of changes to its privacy policy were revealed to the broader public. The changes came after Audacity was acquired by Muse Group earlier this year.
Some of the key sticking points that alarmed users of the audio editing program were that while...
Read more...
Over the holiday weekend, the popular battle royale game Apex Legends was hacked, but not in the way you may expect. Rather than stealing data, encrypting files, or being generally destructive, the hackers broadcasted a message stating that Respawn Entertainment has not done enough to fight hackers in its first game...
Read more...
For the past two decades, Audacity has built and maintained a following as a capable and free audio editing program. Being a no-cost solution is a big draw, and so are a coupe of other attributes—it's an open source program, and available on multiple platforms (Windows, macOS, GNU/Linux). Some users are starting to...
Read more...
Do you know what would be great? If Apple would stop dragging its feet on a weird bug in iOS that makes it possible to disable an iPhone's ability to connect with a Wi-Fi network. Same goes for iPad devices, presumably. The problem lies with SSIDs that contain certain characters—if you connect to one with your iPhone...
Read more...
On July 4th, we reported that the developing Kaseya ransomware incident might be much worse than initially thought. While it is still unclear exactly how many victims and encrypted devices there are, it was apparent that this is certainly a wide-reaching international incident. We also noted that REvil, the...
Read more...
Before the holiday weekend got underway, the REvil hacking group kicked off a massive supply chain attack involving remote management software company Kaseya. Based out of Florida, the company only reports that 40 of its remote monitoring tool VSA on-premises customers have been affected by this. However, some of...
Read more...
Hopefully you are not one of the millions of people who have installed an app called PIP Photo onto your Android device. Why is that? While it may seem like a harmless and handy image editing app, it contains malware designed to covertly swipe a person's login credential for Facebook. Same goes for a handful of other...
Read more...
Hacking group REvil, which was behind attacks such as those on Acer in early 2021, has returned in force evidently, after approximately 200 U.S. businesses were hit by ransomware overnight. It has been found that the ransomware spread through software created by Florida-based IT company Kaseya in what is another...
Read more...
Just last week, many Western Digital MyBook Live owners lamented the fact that their personal cloud was being attacked and wiped remotely. Those storage devices were older and hadn't been supported since 2015. As a result, those NAS products proved to be a lesson in not putting unsecured and unpatched devices on your...
Read more...
As cybersecurity solutions tighten up and prevent many attacks, threat actors are looking for new and innovative ways to attack systems. This has led to a rise in attacks that start “outside and below the operating system layer,” such as firmware attacks and ransomware attacks through VPN devices or other...
Read more...
If you have been on the internet for any length of time, there is a pretty good chance that at least some of your personal information is out there in a database. However, if you happen to use LinkedIn, these odds have now gone significantly up. Some malicious people have managed to scrape information like phone...
Read more...
Last week, hundreds if not thousands of My Book Live customers awoke to their devices being wiped and, in some cases, unrecoverable. At that time, it was simply thought that Western Digital had not patched a critical vulnerability from 2018 that allowed attackers to do this, but it seems there is more to the story...
Read more...
Ensuring accounts are secure is an important part of being online, as there are always people out to try and get you. This is especially true for app developers who may be targeted for the data they do or could possess. Thus, Google is introducing new security measures for developers to help strengthen accounts and...
Read more...
