Security

Mon
20
Sep
John Lister's picture

Apple Patches Critical Image Preview Bug

Apple has patched a security flaw that could compromise phones and tablets just by users receiving a message. The exploit would use an attachment in iMessages but wouldn't require the user to click or open it. It's a potentially very serious flaw ... though ironically that may be the saving factor for most ordinary users. Because it's so serious, experts believe it's most likely to be used for highly targeted attacks. The bug was discovered by researchers at the University of Toronto, who say it's an example of "zero-click spyware". While they've seen similar attacks on Apple devices before, it's ... (view more)

Tue
14
Sep
John Lister's picture

MS Office, Internet Explorer Form Zero Day Attack

Security experts have warned users to take extra care opening Microsoft Office files. An unpatched bug in Internet Explorer can affect users regardless of their preferred browser. The bug takes advantage of the way Office files can open links in ... Internet Explorer. It means that attackers can craft Office files that, once opened, automatically load an "attack" page in Internet Explorer that installs malware. Exactly what malware to install is up to the attacker. There is some protection for some users. In many cases, Office will by default open a document in Protected View, which blocks links ... (view more)

Thu
19
Aug
John Lister's picture

T-Mobile Allegedly Hit By Massive Breach

T-Mobile is investigating claims a hacker stole sensitive data about more than 100 million customers. It hasn't confirmed or denied claims. The haul included social security numbers and driver license information. The alleged breach was first ... reported by Motherboard, which spotted a hacker forum post from somebody attempting to steal the data. The would-be seller says it comes from multiple T-Mobile servers and contains "full customer info" on US customers. The seller claims the haul includes names, phone numbers and physical addresses, along with IMEI numbers that identify individual ... (view more)

Wed
11
Aug
John Lister's picture

Three Random Words 'Best Password Strategy'

A government agency says three "random" words make for a better password than many other approaches. It says other strategies such as adding symbols and numbers can be counterproductive. The advice comes from the National Cyber Security Center ... (NCSC). That's a body in the United Kingdom that deals with major security breaches and gives advice to businesses and other government organizations. According to the NCSC, the advice is aimed at people who try to remember passwords. It says password manager tools are a good solution but remain widely unused. (Source: gov.uk ) Predictable Appr0@ch! The ... (view more)

Tue
10
Aug
John Lister's picture

Report Condemns Government Cyber Security

A Senate committee has slammed cyber security in eight federal government agencies. The committee said most were failing basic security standards and had shown minimal improvements since a previous report. The report comes from the Committee on ... Homeland Security and Governmental Affairs. It followed up on a similar report from another committee in 2019. Both reports looked at issues including: Whether the agencies adequately protected personal information. Whether they kept track of the various IT equipment and systems they used. Whether they installed security patches quickly enough. Whether ... (view more)

Wed
04
Aug
John Lister's picture

Fake Windows 11 Riddled With Malware

A security company has warned that scammers are using bogus copies of Windows 11 to distribute malware. Kaspersky reminds users that Microsoft's Windows Insider test program is the only place to get the real deal. While the average user can safely ... wait until the system's official release, tech enthusiasts may be eager to get their hands on Windows 11. That interest may well rise in the coming days with the first release of a beta edition that, in theory at least, is complete and much less likely to crash than the currently available "dev" edition. Kaspersky notes that several rogue sites are ... (view more)

Wed
28
Jul
John Lister's picture

Russian Ransomware Group Suffers Big Blow

A ransomware gang said to have Russian links appears to have been knocked offline. The REvil group recently demanded a $70 million ransom after a major attack. The group was linked to two recent attacks, the first on an international meat processing ... company. JBS, which is estimated to process 20 percent of the beef and pork sold in the US, had to shut down production while dealing with the breach. An even more serious attack targeted Kaseya, a company that not only offers computing services to businesses, but also powers many managed service providers that run IT for their own clients. The ... (view more)

Thu
08
Jul
John Lister's picture

Nine Rogue Android Apps to Delete Right Now

Nine popular Google Play apps were actually scams to steal Facebook logins according to a security company. Although Google has removed some of them, they may still be on devices. All the apps were promoted as performing a simple task and appear to ... have worked as designed. Although that meant more effort for the developers, the idea was to make users less suspecting that the apps were actually harmful. The affected apps had the following names and functions: App Lock Keep (child safety tool) App Lock Manager (child safety tool) Horoscope Daily (astrology) Horoscope Pi (astrology) Inwell ... (view more)

Tue
18
May
John Lister's picture

Security Keys Could Kill The CAPTCHA

Humans as a whole spend 500 years each day completing CAPTCHA challenges according to a new estimate. The company behind the claim says USB security devices would be a more sensible way to confirm somebody is a human. The data from Cloudflare is ... about CAPTCHAs: Completely Automated Public Turing test to tell Computers and Humans Apart. It's tests such as recognizing a string of letters on an unclear background or picking out images that contain a particular thing such as a boat or traffic light. The idea is to limit automated visits to a web page or form submissions, for example to limit ... (view more)

Thu
29
Apr
John Lister's picture

Facebook Slammed For Teen Ad Targeting

A campaign group claims Facebook lets users target ads at children based on interests such as smoking, drinking alcohol and gambling. Facebook says it has adequate measures to find and block such ads both before and after publication. The claims ... come from Reset Australia, which says it ran an experiment posing as the fictional "Ozzie News Network." It set up an advertising account on Facebook to see what options were available. In theory, Facebook has an outright ban on advertising adult topics such as alcohol to under 18s. Reset Australia says this failed in two ways: it was able to target ... (view more)

Pages

Subscribe to RSS - Security