security

Wed
17
Apr
John Lister's picture

Ad Blockers Could Be Hijacked

A feature used in several ad blocker tools could be used to "booby trap" websites according to a security researchers. It appears to be a low but credible risk. The problem is all to do with the way many ad blockers work. In simple terms, they ... maintain a blacklist of URLs that host ads and other unwanted material. Whenever a website tries to load an ad from an URL on the list, it's blocked from doing so. Since last summer some ad blockers, including Adblock Plus, added support for a feature called "$rewrite." With this feature, the ad blocker won't just block the unwanted URL from ... (view more)

Tue
16
Apr
John Lister's picture

Internet Explorer Bug Affects All Windows Users

A security researcher says an Internet Explorer flaw could affect people who don't even use the outdated browser. It's a reminder of the dangers of opening unexpected email attachments. John Page has published details of the bug which affects ... version 11 of Internet Explorer (the latest) on both Windows 7, 8 and 10. The bug involves a file format called MHT. It's a format that's not used much these days but used to be common back when Internet Explorer was king. It's used to download an entire web page (including images and other media) into a single file. It's not needed today as browsers can ... (view more)

Mon
08
Apr
Dennis Faas's picture

Scammed by Smart PC Experts? Here's What to Do

Infopackets Reader Bill H. writes: " Dear Dennis, I was on Amazon.com and suddenly a warning message appeared, stating that my PC was infected with a virus and to call 1-866-666-1917 to fix the problem. There was no way to close the window. I called ... the number and spoke to a fellow at Smart PC Experts ( smartpcexperts.com ), who had a very thick Indian accent . They convinced me that my PC was infected with the Zeus Trojan and it needed to be fixed. I allowed them remote access to my machine and they installed some software. After that, they demanded $499 as payment for their services. I was ... (view more)

Wed
03
Apr
John Lister's picture

Microsoft adds 'Tamper Protection' to Windows Defender

Microsoft will add a "tamper protection" feature to the built in antivirus tools in an upcoming Windows 10 update. It's designed to stop malware from switching off key security features in Microsoft Defender. Initially the changes will be available ... for Microsoft Defender Advanced Threat Protection, which is a subscription service for businesses. However, Microsoft appears to have revealed it will later become available to home users of Windows 10. (Source: zdnet.com ) The idea is to prevent rogue apps from disabling some of the weapons in the Microsoft Defender arsenal, in turn making it far ... (view more)

Thu
21
Feb
John Lister's picture

Symantec: Popular Microsoft Apps Hijack PCs

At least eight apps in the official Microsoft Store were secretly designed to use a computer's resources without permission. It undermines Microsoft's efforts to promote the store as a "safe source of software." In the past few years, Microsoft has ... heavily pushed the idea of Windows users getting software from an app store - similar to the way mobile devices work - rather than the more traditional method of getting programs from a third-party sources and installing them directly to the PC or smartphone / tablet. There's even a special 'S' mode for Windows 10 that only allows the ... (view more)

Wed
20
Feb
John Lister's picture

Report: Most Password Managers Not Secure

Security researchers say some major password manager tools could be flawed. But they also say it's still sensible to use them, just with a degree of caution. It's a fact that using the same password for multiple sites is a massive security risk. ... That's because if one site gets hacked, it could mean that hackers can use the same password on another website to gain access to potentially sensitive information, resulting in identity theft or financial loss. Password manager tools (such as Roboform and Dashlane ) aim to overcome two big dilemmas with online passwords - which is keeping passwords ... (view more)

Thu
14
Feb
John Lister's picture

Popular VPN App Laced with Malware, Steals Data

Security researchers have warned a notorious piece of malware has returned to Android. It's in disguise, posing as a legitimate and popular VPN application. Researchers at the security firm Bitdefender have dubbed the malware as "Triout," which was ... first spotted last August. It's a particularly nasty piece of malware as it carries out multiple hostile acts. (Source: bitdefender.com ) These include recording phone calls, reading incoming SMS messages, taking pictures and videos, and collecting location data such as GPS coordinates. Triout is designed to operate without being detected ... (view more)

Wed
13
Feb
John Lister's picture

Russia May Cut Itself Off From Internet

Russia may briefly disconnect from the Internet as a cyber-defense exercise. It's being billed as an attempt to see if the country could keep the benefits of the Internet without having to interact with the rest of the world, though critics suggest ... it is nothing more than political censorship. Russian officials are said to fear that other countries may be taking measures to block its country from the Internet. On paper there does not appear to be any such proposals, though NATO (the North Atlantic Treaty Organization) has threatened some form of sanctions over alleged cyber attacks by Russia ... (view more)

Fri
08
Feb
Dennis Faas's picture

How to Fix: TP-Link Storage Sharing Not Working

Infopackets Reader Sam J. writes: " Dear Dennis, I have an older TPLink TL-WDR3500 router and I would like to attach a USB or external hard drive to it using the ' Storage Sharing ' option so that I can share files through my network. This would be ... ideal for me so I can share my Roboform passwords across devices. The issue is that the Storage Sharing option will only work if I enable CIFS 1.0 protocol in Windows because that is what the router uses to make the attached storage appear as a network drive letter in File Explorer. It is my understanding that CIFS 1.0 has a massive security issue ... (view more)

Thu
07
Feb
John Lister's picture

Security Researcher Refuses to Share Bug with Apple

A security researcher says he's found a major security flaw in the Mac's password storage tool. But he's refusing to publish the details as a protest against Apple's "bug bounty" program. Linuz Henze has produced a video showing what he calls an ... exploit of the Keychain feature in MacOS Mojave, the current edition of the operating system for Mac computers. Keychain is an application on Macs that lets users save passwords for online accounts and digital certificates so that they don't have to type them in again. Users can also open Keychain and access a full list of passwords. Normally every ... (view more)

Pages

Subscribe to RSS - security