The hacking community is gaining strength. They are no longer a bunch that does things to simply annoy PC users. They now have the power to bring the whole world to a standstill – WannaCry ransomware served as a perfect example – on any given day. Therefore, given the circumstances, it quite easy for users… Continue reading Antivirus Protection: Do PC Users Really Need Them?
Month: December 2017
Code Used in Zero Day Huawei Router Attack Made Public
December 28th, 2017 By Tom Spring Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such… Continue reading Code Used in Zero Day Huawei Router Attack Made Public
Predictions A – Z for 2018 – Dystopian or Utopian dawn?
A main theme for 2018 is automation – for good or ill. Cyber-inflicted fatalities and AI induced mass unemployment are weighed against freedom from repetition and a speed and intelligence of response beyond anything we have now to provide a greater understanding of the interrelationships of disparate data. A few notable quotes: “Further… Continue reading Predictions A – Z for 2018 – Dystopian or Utopian dawn?
4 Years After Target, the Little Guy is the Target
If you have used Jason’s Deli , you need to read this article. December 28th, 2017 Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion… Continue reading 4 Years After Target, the Little Guy is the Target
Magento Sites Hacked via Helpdesk Widget
December 28th, 2017 By Catalin Cimpanu Hackers are actively targeting Magento sites running a popular helpdesk extension, Dutch security researcher Willem de Groot has discovered. The avenue for these attacks is a Magento extension named Mirasvit Helpdesk, which allows sites to show a “Chat with us” widget on Magento shops. In… Continue reading Magento Sites Hacked via Helpdesk Widget
Facebook Says Its “Small Test” in India Wasn’t Meant to Collect Data from the Controversial Aadhaar
December 28th, 2017 By Rafia Shaikh Earlier this week we reported that some users in India were seeing a modified prompt when signing up for a new account on Facebook. This prompt asked them to sign up with their name as it appears on their Aadhaar card, replacing the term “real name.” As reported… Continue reading Facebook Says Its “Small Test” in India Wasn’t Meant to Collect Data from the Controversial Aadhaar
Flaws in Sonos and Bose Smart Speakers Let Hackers Play Pranks on Users
December 27th, 2017 By Catalin Cimpanu Similar vulnerabilities affect some Sonos and Bose smart speakers that allow hackers to take over devices, collect data on users, and even make devices to play desired audio tracks. The vulnerabilities can be exploited by attackers looking for an entry point into corporate networks, but also… Continue reading Flaws in Sonos and Bose Smart Speakers Let Hackers Play Pranks on Users
LastPass’ Authenticator app might not be as secure as you think
December 27th, 2017 By Williams Pelegrin A programmer discovered an exploit in the LastPass Authenticator app The exploit supposedly allows you to view 2FA codes without your fingerprint or PIN LastPass has yet to respond for comment on the issue Update (12/27): LastPass’s support page on Twitter issued a statement on the… Continue reading LastPass’ Authenticator app might not be as secure as you think
Why You Should Question These Most Common Cloud Assumptions
By Scott Simkin on December 27, 2017 The Approach to Cloud Security Should be No Different From the Approach to Network or Endpoint Security The dynamic and automated nature of the cloud brings many benefits to businesses, from easy setup and delivery of services to predictable maintenance costs. With users accessing data and… Continue reading Why You Should Question These Most Common Cloud Assumptions
Acoustic Attacks on HDDs Can Sabotage PCs, CCTV Systems, ATMs, More
December 27th, 2017 By Catalin Cimpanu Attackers can use sound waves to interfere with a hard drive’s normal mode of operation, creating a temporary or permanent denial of state (DoS) that could be used to prevent CCTV systems from recording video footage or freeze computers dealing with critical operations. The basic principle behind… Continue reading Acoustic Attacks on HDDs Can Sabotage PCs, CCTV Systems, ATMs, More