Items tagged with security
Earlier this week, we brought you news that Facebook had yet another epic privacy fail after information pertaining to hundreds of millions of users was found on an external server. The server was fully exposed and publicly accessible, leaving roughly 420,000 million Facebook IDs and their associated phone numbers...
Read more...
A week ago, Google disclosed findings from its Project Zero Threat Analysis Group, which discovered 14 vulnerability in iOS that were used across five exploit chains. According to Google, the exploits were used over a period of more than two years in a "sustained effort to hack the users of iPhones" by monitoring...
Read more...
Fraudsters are always looking for new ways to cheat someone out of money. A report claims that a company CEO was tricked by scammers who faked the voice of the parent company CEO to get the executive to transfer $243,000 to an external account. The story claims that in March, criminals used commercially available...
Read more...
A member of Google's Project Zero security team has written a lengthy blog post detailing a series of iOS exploit chains discovered in the wild. According to Project Zero's findings, a hacking group underwent a "sustained effort to hack the users of iPhones" for a period of at least two years. This was accomplished...
Read more...
It would seem like common sense if you are among the people attending a hacking conference to secure your devices against attacks. After all, you and your tech gear are walking into the proverbial lion's den. If you were ever going to have your fitness tracker, smartphone, laptop, or other tech device hacked, DEFCON...
Read more...
Due to the inclusion of some important security patches, it is in your best interest to apply Microsoft's latest Patch Tuesday update as soon as possible. At the same time, some users have reported issues getting it to install, while others are blaming the update for borking their PC, saying it is causing random...
Read more...
Not long after Microsoft issued a bevy of security updates for its products during Patch Tuesday, Intel is holding its own "patch party" for its hardware and software products. Products affected include Intel's lineup of NUC mini PCs and Compute Sticks along with a few of its software utilities.
On the NUC front...
Read more...
Unfortunately, we have another security breach to report on today, and this one involves biometric data on over million people that improperly secured. The system in question is the Suprema Biostar 2 platform, which is used to secure commercial and government building around the globe.
Vpnmentor security...
Read more...
Microsoft is warning Windows users of several new "wormable" exploits similar in style to BlueKeep, two of which are tagged as critical Remote Code Execution (RCE) vulnerabilities. As with BlueKeep, which Microsoft patched a few months ago, the exploits exist within the Remote Desktop Services protocol (formerly known...
Read more...
Security researchers have discovered it is possible to hack a digital SLR camera with Wi-Fi capabilities (fast becoming a common feature in modern DSLR cameras) to install ransomware, thereby hijacking a user's photographs. Just as it happens on a PC, the photos would be encrypted, with the attacker threatening to...
Read more...
Researchers recently uncovered Windows kernel security flaws that affect over 40 drivers from 20 different vendors. The vulnerabilities could give attackers access to a device's hardware and firmware. Researchers from Eclypsium shared their troubling findings this past week at the DEF CON 27 security conference in Las...
Read more...
There are plenty of vulnerabilities in the biometrics that are commonly used for unlocking devices today, including fingerprint readers and Apple's Face ID. Researchers at the Black Hat USA 2019 conference this week demonstrated a new attack that allowed them to bypass a victim's Face ID and login to the user's phone...
Read more...
WhatsApp bills itself as a free and secure messaging application with end-to-end encryption and cross platform support, all of which have made it a popular option. However, it may not be as secure as advertised. Vulnerabilities that were disclosed last year have still not been addressed, and if abused, could allow an...
Read more...
Google has announced that its strongest level of protection for personal Google Accounts is now available for Chrome. The Advanced Protection Program is aimed at anyone at risk of targeted attacks, including journalists, activists, politicians, and business leaders. Google notes that it has an evolving list of...
Read more...
You might not have even been aware of this, but last month's Patch Tuesday update for Windows contained a long overdue mitigation for a security flaw in Intel processors. Left upatched, the flaw essentially allows an attacker to bypass fixes that had previously been rolled out to deal with Spectre and Meltdown, the...
Read more...
Apple has traditionally been very protective of its iPhone devices and the mechanisms surrounding iOS—just ask the Federal Bureau of Investigation, which has butted heads with the Cupertino company over encryption. Be that as it may, Apple is reportedly set to hand out special iPhone models to security researchers in...
Read more...
Love it or hate it, Apple has a tendency of waiting longer than some of its competition to roll out bleeding edge features. One of those is an in-display fingerprint sensor. While the technology is found on some Android devices, analyst Ming-Chi Kuo believes Apple will finally introduce the feature on its iPhone...
Read more...
If you have an NVIDIA GPU in your Windows rig – like the new Super family of GeForce RTX graphics cards -- now might be a good time to update your graphics driver to the latest version. NVIDIA has pushed out a new update for its graphics drivers that address a total of five security issues within Windows.
The least...
Read more...
It is big news when a major vulnerability is discovered and exploited in Windows, because there is the potential to do a lot of harm. We saw this when WannaCry crippled UK hospitals for a short time (fortunately, it was mitigated rather quickly). Now, you may not have heard of VxWorks, a real-time operating system...
Read more...
Security researchers at ESET have discovered an active ransomware campaign targeting Android users, thus ending a two-year decline in this form of malware in Google's mobile ecosystem. And unlike past ransomware campaigns, this one employs "some unusual tricks" to attract victims, and then spreads to contacts through...
Read more...
Go ahead and cue the inevitable 'What's in your wallet?' jokes. One potential answer to that question, by the way, is a hacker's fingers. Capital One says an "outside individual" gained unauthorized access and obtained various personal information linked to both existing credit card customers, and people who had...
Read more...
The day of reckoning has come for Equifax for a massive data breach two years ago, but for consumers hoping for more than a slap on a wrist, prepare yourself for disappointed. Equifax's penalty for failing to secure private information belonging to around 147 million Americans is a fine totaling at least $575 million...
Read more...
