Items tagged with security
Everyone has to deal with scams and phishing attempts online today, even Google. To protect its workers from phishing scams that could result in the theft of IP, Google took advantage of security keys for all its 85,000 workers. Since that roll out, no accounts have been compromised. The keys are USB-based security...
Read more...
If your laptop contains sensitive data, it is best not to leave it unattended. That is sound advice even it does not have any work secrets or other potentially compromising data, and you want to avoid falling prey to malware. In case you need a reason why, a security firm recently posted a video showing how quickly a...
Read more...
Hauwei is far and away best known for its smartphones and, to some extent, it's line of laptops like the Matebook X Pro. However, it also manufacturers routers and gateways, and one of its older models, the HG532, contains a vulnerability that a malware author exploited to create a fairly large botnet. What's...
Read more...
Security conscious computer users might wonder if we will ever fully put Spectre vulnerabilities behind us. Researchers were still discovering new vulnerabilities related to Spectre early this year. Intel is working to protect users from the vulnerability and only a few days ago it announced a patch for side-challenge...
Read more...
Windows is more secure today than it was at the beginning of the week. That is how it typically goes after the second Tuesday of each month, otherwise known as Patch Tuesday, when Microsoft doles out a collection of security updates and fixes. This particular Patch Tuesday saw Microsoft dish out 54 bug fixes...
Read more...
Spectre and Meltdown have been the source of major headaches for the industry at large, and in particular Intel, which scurried to release firmware updates to mitigate the side-channel attacks. While now mostly in the rear view mirror, security researchers have discovered another side-channel vulnerability, which is...
Read more...
China has no love for Taiwan, and the former's censorship has led to strange issues for some iPhone users. If users have their region set to China and someone sends them the Taiwan flag emoji, a bug in iOS could cause the app to crash. That bug has the potential to allow a remote user to launch a denial of service...
Read more...
Apple has launched iOS 11.4.1 and this is the update that adds USB Restricted Mode to the iPhone. The intention with USB Restricted Mode was to lock down the USB port of an iPhone to block intrusion techniques using third-party devices to crack the passcode of devices.
USB Restricted Mode deactivates USB data...
Read more...
Are you concerned about who might be reading your emails? You should be, especially if you allow third-party app developers to access your Gmail account, as many of them request. A recent report highlighted the extent of which third-party app developers can access private information, prompting Google to respond with...
Read more...
A team of researchers has discovered a vulnerability in Android that was thought to be already patched by Google, but is theoretically able to bypass current mitigations and gain unauthorized access to handsets and tablets. Called RAMpage, it's utilizes variations of the Rowhammer attack method that Google's security...
Read more...
A new attack that takes advantage of flaws that are inherent to LTE technology has surfaced called aLTEr. The exploit was discovered by an international team of security researchers and is able to redirect users to hostile websites. The exploit works in part by taking advantage of the fact that there is no integrity...
Read more...
Intel and its partners have been busy mitigating Spectre and Meltdown, which are two types of speculative side-channel CPU attacks that, if exploited, could potentially expose a user's sensitive data. Most of the mitigations have already been put in place. Other similar vulnerabilities have started to emerge, however...
Read more...
Stronger wireless security is headed to homes and businesses. That's because the Wi-Fi Alliance this week formally introduced Wi-Fi Certified WPA3, the next generation of Wi-Fi security with new capabilities to bolster personal and enterprise wireless networks. The new standard builds upon and ultimately replaces...
Read more...
Data breaches have become way too common, and we are not just talking about personal accounts being compromised through phishing attacks, malware, and the like. Companies with an online presence (so pretty much every company in the world) are targets, and since many sites require that you register with an email...
Read more...
Google is rolling out something akin to DRM for Android APKs as a way to verify that apps originated from the Play Store. Rogue apps that are malware-ridden are running rampant these days, so this is just an extra layer of security that Google is implementing to help safeguard Android users from attacks.
The new...
Read more...
The Car Connectivity Consortium (CCC) has announced that it has published the Digital Key Release 1.0 specification. That specification is a standardized solution that is designed to eliminate the keys and fobs we all carry for our cars today and replace them with a digital version that lives on your smartphone. The...
Read more...
Malware is a huge problem for computer users today as the threat posed by malicious software continues to increase. A new botnet was recently detected in a live environment for an unnamed client of Deep Instinct, a security firm.
The security firm says that the botnet, dubbed Mylobot, uses three different layers of...
Read more...
A pair of macOS security experts have discovered a bug in the latest version of macOS that exposes the contents of files, including ones that are encrypted and are supposed to be safe from prying eyes. The security flaw exists within Apple's 'Quick Look' feature, which caches thumbnails and names of files, even when...
Read more...
Researchers have discovered a new strain of malware for Android devices that combines different styles of attack into a single package.
Called MysteryBot, the new malware hits victims with a banking Trojan, keylogger, and ransomware in one fell swoop. The good news here is that the cybercriminals responsible for...
Read more...
Apple wants to make it harder for anyone to gain unauthorized access to iPhones with a new USB Restricted Mode in iOS 12. That move infuriated law enforcement as it meant that the GrayKey iPhone hacking tool (and others from Cellebrite) used by authorities to crack iPhones would be useless. Grayshift, the company...
Read more...
Apple has confirmed plans to bolt shut a security hole in iPhone devices that law enforcement agencies have been using to gain entrance into locked handsets after seizing them from suspected criminals. As can be imagined, those same agencies are none too pleased with Apple's decision. As far as Apple is concerned...
Read more...
A newly discovered security vulnerability in modern Intel X86 processors has been revealed that affects the processor's speculative execution technology – like Spectre and Meltdown – and can be used to access sensitive information, including encryption related data. Over the last day or two, patches have quietly...
Read more...
