John Lister's picture

LastPass Blunder Causes Security Scare

Users of popular password manager tool LastPass have reported worrying emails that suggest their master passwords have been compromised. LastPass says the emails may have been sent mistakenly and that it has no evidence of any security breach. Like ... most such tools, LastPass let users create a single memorable password, the name coming from the idea it's the "last password" users will ever need to remember. This password is necessary to unlock a private vault of stored encrypted passwords for other sites. One of the big keys to the service is that LastPass itself has no access to the master ... (view more)

John Lister's picture

New Ransomware Exploits Excel Format

A new ransomware variant takes advantage of a Microsoft Excel feature. It's a good reminder to keep security software up-to-date. The variant has been reported by security company Lastline. It involves a known ransomware called Paradise that ... operates in the familiar fashion: the attackers find a way to get remote access to a computer then encrypt files and demand a fee to restore access - sometimes in the tens of thousands of dollars, or much higher. In this case, the attackers try to trick victims into opening a file attachment that creates the opening for accessing the machine. The ... (view more)

John Lister's picture

New Malware Hides Inside Audio Files

Most people know not to open an executable file or document attached to an email unless they were expecting it. But a new example of malware means even an audio file could trigger a payload. Researchers at Blackberry Cylance Threat recently ... uncovered malicious code hidden inside WAV files. That's a computer format for audio that was common for music on PCs before MP3 became established. The attackers are using a technique called steganography, which is a way to hide a file inside another file in a way that normally cannot be detected. Steganography has previously been used in image files, and ... (view more)

John Lister's picture

Phishing Scammers Try New Twist

An estimated one million people around the world received a recent phishing email, though it only posed a risk for around an hour before Google stepped in to stop the scam in its tracks. Victims of the scam may have inadvertently given attackers ... control of their email accounts. The attack involved a bogus email claiming that a contact tried to share a document with the recipient using Google Docs. While only a small proportion of people use Google Docs, the attackers appear to have been playing the numbers game. Attackers Accessed Emails and Contacts Unlike most phishing scams, the attackers ... (view more)

John Lister's picture

IRS Online Security Breach Affects 100k Taxpayers

The IRS has revealed that cyber attackers managed to trick its system in handing over more than 100,000 access codes for user accounts. Fortunately the breach was discovered before any sensitive data was compromised. The attack followed a data theft ... from a source outside of the IRS. The agency hasn't revealed what that was, but it appears to have involved a stolen list that included social security numbers. The attackers then set an automated program, or "bot" to work. Using stolen social security numbers (sourced from outside the IRS), the bot was used to generate E-file PINs ... (view more)

Dennis Faas's picture

What Privacy? Security Survey Pessimistic

Scary: A recent survey sponsored by Deloitte ... (view more)

Subscribe to RSS - attackers