FBI forced Flax Typhoon to abandon its botnet 2024-09-19 at 14:16 By Zeljka Zorz A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized operations to take control of […]
React to this headline:
FBI forced Flax Typhoon to abandon its botnet Read More »
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by
React to this headline:
Malware peddlers love this one social engineering trick! 2024-06-17 at 16:16 By Zeljka Zorz Attackers are increasingly using a clever social engineering technique to get users to install malware, Proofpoint researchers are warning. The message warns of a problem but also offers a way to fix it (Source: Proofpoint) Social engineering users to install malware
React to this headline:
Malware peddlers love this one social engineering trick! Read More »
361 million account credentials leaked on Telegram: Are yours among them? 2024-06-04 at 15:03 By Zeljka Zorz A new trove of 361 million email addresses has been added to Have I Been Pwned? (HIBP), the free online service through which users can check whether their account credentials and other data has been compromised in one
React to this headline:
361 million account credentials leaked on Telegram: Are yours among them? Read More »
Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661) 2024-05-08 at 16:31 By Zeljka Zorz Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users’ traffic by attackers who are on the same
React to this headline:
Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661) Read More »
Microsoft, Google widen passkey support for its users 2024-05-03 at 14:46 By Zeljka Zorz Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out digital lives. Despite decades of often-repeated statements proclaiming the death of
React to this headline:
Microsoft, Google widen passkey support for its users Read More »
UK enacts IoT cybersecurity law 2024-04-29 at 17:01 By Zeljka Zorz The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy. “Most smart devices are manufactured outside the UK, but
React to this headline:
UK enacts IoT cybersecurity law Read More »
Apps secretly turning devices into proxy network nodes removed from Google Play 2024-03-26 at 12:16 By Zeljka Zorz Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and didn’t mention it. If that
React to this headline:
Apps secretly turning devices into proxy network nodes removed from Google Play Read More »
BSAM: Open-source methodology for Bluetooth security assessment 2024-03-13 at 08:39 By Zeljka Zorz Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of the examples presented during the conference were real tests
React to this headline:
BSAM: Open-source methodology for Bluetooth security assessment Read More »
Avast ordered to pay $16.5 million for misuse of user data 2024-02-23 at 13:18 By Help Net Security The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising purposes to settle charges that the company and its subsidiaries
React to this headline:
Avast ordered to pay $16.5 million for misuse of user data Read More »
Microsoft will offer extended security updates for Windows 10 06/12/2023 at 16:16 By Zeljka Zorz Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates (ESU), but will have to pay
React to this headline:
Microsoft will offer extended security updates for Windows 10 Read More »
Quishing: Tricks to look out for 26/10/2023 at 11:01 By Zeljka Zorz QR code phishing – aka “quishing” – is on the rise, according to HP, Darktrace, Malwarebytes, AusCERT, and many others. What are QR codes? QR codes are two-dimensional matrix barcodes used for tracking products, identifying items, simplifying actions such as connecting to a
React to this headline:
Quishing: Tricks to look out for Read More »
Google ads for KeePass, Notepad++ lead to malware 19/10/2023 at 12:16 By Zeljka Zorz Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme Segura, Director of Threat Intelligence at Malwarebytes. Malvertising via search engine ads is a constant,
React to this headline:
Google ads for KeePass, Notepad++ lead to malware Read More »
Researchers warn of increased malware delivery via fake browser updates 17/10/2023 at 13:32 By Zeljka Zorz ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoia researchers have concluded. About ClearFake ClearFake
React to this headline:
Researchers warn of increased malware delivery via fake browser updates Read More »
Sic Permission Slip on data brokers that use your data 12/10/2023 at 08:31 By Helga Labus Permission Slip, an iPhone and Android app developed by Consumer Reports, helps users ask companies and data brokers to stop sharing their personal data and/or delete it. The Permission Slip app (Source: Consumer Reports) US consumer data privacy laws
React to this headline:
Sic Permission Slip on data brokers that use your data Read More »
Easy-to-exploit Skype vulnerability reveals users’ IP address 29/08/2023 at 13:32 By Zeljka Zorz A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The vulnerability The security vulnerability has
React to this headline:
Easy-to-exploit Skype vulnerability reveals users’ IP address Read More »
Surge in identity crime victims reporting suicidal thoughts 23/08/2023 at 15:02 By Helga Labus Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the 2023 Consumer Impact Report from the Identity Theft Resource Center (ITRC) and Experian. The report
React to this headline:
Surge in identity crime victims reporting suicidal thoughts Read More »
Bogus OfficeNote app delivers XLoader macOS malware 23/08/2023 at 14:33 By Helga Labus A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers
React to this headline:
Bogus OfficeNote app delivers XLoader macOS malware Read More »
Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out 02/08/2023 at 08:02 By Zeljka Zorz The overarching mission of the US-based non-profit organization the Tor Project is to advance human rights and make open-source, privacy preserving software available to people globally, so that they can browse the internet privately,
React to this headline: