Items tagged with security
If you are a threat actor and want to mine cryptocurrency or steal some juicy information, a gamer’s PC is a good target for that sort of thing, given the hardware and software they use. Even better yet is the PC of a game cheater because they are used to downloading sketchy software in the first place, so the barrier...
Read more...
In the last couple of days, Apple has notified its users in 92 different countries that a spyware attack targeted them. While this is not necessarily a new type of notice, Apple has reportedly elected to change its phrasing around the messaging, supposedly due to pressure from Indian government officials. If you have...
Read more...
End-of-life hardware can be quite the problem at times, even crashing back into Earth’s atmosphere at supersonic speeds for that matter. Of course, we wouldn’t expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have...
Read more...
I guess the Notepad built into Windows is fine, but it could be better. It could have more features, cleanliness, and could simply just be iterated on as an improvement. Thankfully, there is Notepad++, a free and open-source Notepad replacement and code editor, which has become incredibly popular. With this...
Read more...
Contrary to what some may think, hackers can have scruples and, in some cases, honorable intentions—it's kind of the whole idea behind white hat hacking and events like Pwn2Own. But then there are the kind who wouldn't think twice about breaching a cancer center and swipe personal details of hundreds of thousands of...
Read more...
The Federal Trade Commission is warning the American people to be on guard as threat actors are making use of business and government impersonation scams to do serious damage. The agency is reporting a combined loss of over $1.1 billion in 2023 due to these types of fraud, which is three times as much as what the...
Read more...
Twenty years ago today, Google launched a new product that was initially thought to be an April Fools' Day prank. However, that was quite the opposite, creating Gmail, which would eventually come to have over a billion users with an unfathomable quantity of emails in their accounts. While the history of how Gmail came...
Read more...
AT&T is in the process of alerting millions of current and former account holders of an alarming data leak that exposed sensitive details to the dark web, including social security numbers. An initial investigation suggests that the leaked data set is from 2019 or earlier, and contains "personal information"...
Read more...
Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting caught before it became pervasive, it goes to show that with a bit of social engineering and laying low for a while, you...
Read more...
A team of researchers recently found a side-channel vulnerability in Apple’s custom SoC architecture that does not appear patchable and allows for the theft of encryption keys.
The research team, which hails from six different universities around the United States, published its findings and is calling it the...
Read more...
Most experts would suggest that humans are the weakest link in cybersecurity, which is evidenced by the pervasiveness of phishing emails and whatnot. However, it’s not just end users that can be a problem. System administrators are human too, and can introduce serious problems just the same. This is what a group of...
Read more...
Over the weekend, the hero shooter game Apex Legends, made by EA and Respawn Entertainment, held a tournament that was reportedly compromised by hackers. Multiple players' systems were breached, and game cheats such as X-ray vision and aimbots were installed. How exactly this happened is unclear at this time, but it seems as if it is an issue
Read more...
StopCrypt ransomware is one of the most prolific yet underreported ransomware families due to its usual target of individuals rather than high-profile businesses or larger entities. We may not see this strain of ransomware in the United States as much, but it is still a threat regardless, and an evolving one at that...
Read more...
Google Chrome users are about to get a more secure browsing experience thanks to some updates coming to desktop and iOS. Google Safe Browsing will be getting real-time, privacy-preserving URL protection, while useful additions are coming to Password Checkup. Android users will need to wait a little bit, as these...
Read more...
This week, researchers have reported that earlier this year, threat actors leveraged a vulnerability in Windows to deploy DarkGate malware after phishing the victim for initial access. The vulnerability tracked as CVE-2024-21412 led to users running fake Microsoft software installer (.MSI) packages that looked like...
Read more...
Over the past few months, the infamous ransomware group LockBit has faced significant turmoil, including threatening a forum administrator with murder. All while this was happening, members of the group like Mikhail Vasiliev were sitting in jail, awaiting trial for their cybersecurity crimes. Now, Vasiliev has been...
Read more...
Account credentials and personal data are hot commodities online, which often going up for sale at low prices so shady characters can move thousands of accounts quickly. This is reportedly what has happened to just over 15,000 Roku customers who had their accounts compromised due to credential stuffing attacks that...
Read more...
A new feature in the latest beta for WhatsApp gives users more peace of mind that their messages and calls made within the app are end-to-end encrypted. The latest enhancement provides a visual confirmation that their chats are indeed securely encrypted using the Signal protocol.
Most people who use WhatsApp do so...
Read more...
Researchers have shown that running a man-in-the-middle attack against a Tesla owner can potentially compromise their account, unlock their car, and ultimately allow threat actors to drive away with it. There are, of coruse, a number a caveats. Much of this hinges on some social engineering, and tricking the Tesla owner to use a spoofed Wi-Fi
Read more...
The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) is the primary interface between the public and the U.S. government, to report cybercrime and collect information about cybersecurity threats. The IC3 recently published a paper outlining a significant increase in reports and losses throughout...
Read more...
Following yesterday's report on an Air National Guard member sharing classified documents around the Internet, it seems the U.S. Government cannot catch a break. A 63-year-old civilian member of the U.S. Air Force assigned to U.S. Strategic Command was arrested on March 2nd “allegedly conspiring to transmit and...
Read more...
Facebook, Instagram, and other Meta-owned properties went down earlier today and are still suffering from the aftershocks. Reports initially started to surface suggesting that threat actors were behind this and that it was a DDoS attack, but Meta appears to be claiming otherwise. Whether this was a technical issue or...
Read more...
