Items tagged with security
This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an automated worm with zero user interaction required, and it gives the remote attacker the ability to execute code on the...
Read more...
An app designed for Verizon in-store demos, identified as Showcase.apk, has left several generations of Pixel smartphones vulnerable to a number of different types of attacks. The app has been around since 2017, and places nearly every Pixel device sold during that time at risk. However, Google remarked it is...
Read more...
Yet another leak of stolen data has made its way to Breach Forums, a popular site for bad actors who traffic in this kind of data theft. The data originates from the breach of National Public Data, which is a service that gathers information from separate sources to form profiles on individuals located in several...
Read more...
If you're rocking an AMD build, there's a high chance you're vulnerable to a serious security flaw that's been dubbed Sinkclose. That Ryzen 7 7800X3D pictured above? It's affected, as is the entire Ryzen 7000 series range and a slew of other processor models dating back to 2006. Another tidbit that won't give any AMD...
Read more...
While many Samsung smartphone owners may have been waiting for One UI 6.1.1 to drop this month, the company instead dropped an urgent security patch for millions of Galaxy devices. The new August security update addresses a few security vulnerabilities, and Samsung is urging its users to update ASAP.
Samsung...
Read more...
Google has a post up on its security blog that is half advertisement and half PSA-style announcement for Android users: go into your settings and turn off the "Allow 2G" toggle. This option, added in Android 12 back in 2021, does exactly what it sounds like: it turns off support for 2G cellular networking. Why would...
Read more...
Security firm Cleafy has discovered a new piece of Android malware being used in the wild, dubbed BingoMod. BingoMod is designed to steal money from a victim by committing On Device Fraud, which makes it easier to bypass security measures used by banking institutions. The threat actors appear to be targeting users...
Read more...
Android spyware dubbed Mandrake is back after being caught in 2020, managing to sneak back into the Google Play Store in 2022 and remaining available until spotted by Kaspersky in April of 2024. During those two years, Mandrake managed to accumulate 32,000 victims with the distribution of several apps, with the most...
Read more...
A major security vulnerability that was once thought to only affect Google's Pixel devices actually casts a wider net within the Android ecosystem. In response, Samsung is fast-tracking an update for millions of Galaxy devices, according to information the world's biggest smartphone player (in terms of market share)...
Read more...
Amazon Prime Day 2024 has arrived, and deals abound on a wide assortment of items across broad range of categories. That includes Amazon's own hardware, naturally. To that end, you can find great deals on Blink security cameras, Ring video doorbells, and more.
Blink Outdoor 4
The world is a crazy place, and making...
Read more...
AT&T on Friday issued a notice saying it suffered a data breach that affects "nearly all" of its cellular customers (not to be confused with a separate AT&T data breach earlier this year). At last official count, AT&T said it serves around 109 million wireless subscribers, and given that most of those customers are...
Read more...
Apple users located across 98 countries have received notifications from the company that they have been targeted in a recent spyware campaign, according to a report by TechCrunch. This is part an initiative by Apple to warn users who are typically at higher risk of being targeted in these kinds of attacks, such as...
Read more...
Whenever there is a data breach, there's a risk that the stolen data will find its way to the dark web, a section of the internet that is not indexed by search engines like Google Search and Microsoft Bing. Like a seedy alleyway, the dark web is a place where illicit transactions can (and do) take place. Stolen credit...
Read more...
Google announced it is making it easier for high-risk users to enroll in its Advanced Protection Program via a new single passkey option. Google implemented support for passkeys in early 2023, while later making passkeys the default method to sign into Google accounts.
Security is always on the minds of those who...
Read more...
Security firm Symantec has posted a bulletin about a smishing (SMS phishing) campaign currently targeting Apple users in the United States. The end of goal for these threat actors is to take over a user’s Apple ID, which provides them access to an individual’s personal information, financial information, and...
Read more...
A nasty banking trojan is taking aim at Android users in the United States and half a dozen other countries. It goes by two names, Medusa and TangleBot, but whatever you want to call it, the cause for concern is that it's a more nimble version that's tougher to detect than the one that wreaked havoc before seemingly...
Read more...
Cybersecurity firm Check Point Research has discovered a potent piece of Android malware, called Rafel, being utilized by threat actors. The malware is an open-source remote administration tool (RAT) and Check Point Research says that it has already observed “an espionage group leveraging Rafel in their...
Read more...
It appears that AMD is now the latest victim of cybercrime and a data breach, as company data is being offered for sale on a message board frequented by criminal hackers. AMD acknowledged the situation in a statement, noting that, "we are aware of a cybercriminal organization claiming to be in possession of stolen AMD...
Read more...
When the first batch of Copilot+ PCs release to retail next week (they're already up for preorder), they'll be missing a key AI feature that Microsoft remains bullish on—Recall, which aims to make it easier for users to retrace their steps by taking snapshots every five seconds. While the intent of this functionality...
Read more...
Google is pushing out is June 2024 security update for supported Pixel devices like the Pixel 8 Pro and Pixel 8, with fixes for over 50 security vulnerabilities, over half of which carry a Critical or High severity rating. One of the most alarming of the bunch, however, is a zero day flaw in firmware. While it...
Read more...
While most of the excitement surrounding Apple’s Worldwide Developer’s Conference (WWDC) is about how it will integrate AI into its product lineup, the company will also be debuting a new password management app. Bloomberg’s Mark Gurman says this new feature will be included in the upcoming releases of iOS 18 iPadOS...
Read more...
Microsoft is somewhat pulling in the reins on its Recall feature, which is a key part of the company's Copilot+ initiative for next-gen PCs (starting with Snapdragon X Elite/Plus systems). In theory, Recall is supposed to make life easier for users by helping to find things by continually taking snapshots of content...
Read more...
