Month: December 2017

The hacking community is gaining strength. They are no longer a bunch that does things to simply annoy PC users. They now have the power to bring the whole world to a standstill – WannaCry ransomware served as a perfect example – on any given day. Therefore, given the circumstances, it quite easy for users… Continue reading Antivirus Protection: Do PC Users Really Need Them?

  December 28th, 2017  By Tom Spring   Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such… Continue reading Code Used in Zero Day Huawei Router Attack Made Public

A main theme for 2018 is automation – for good or ill. Cyber-inflicted fatalities and AI induced mass unemployment are weighed against freedom from repetition and a speed and intelligence of response beyond anything we have now to provide a greater understanding of the interrelationships of disparate data.    A few notable quotes:    “Further… Continue reading Predictions A – Z for 2018 – Dystopian or Utopian dawn?

If you have used Jason’s Deli , you need to read this article.   December 28th, 2017   Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion… Continue reading 4 Years After Target, the Little Guy is the Target

December 28th, 2017  By Catalin Cimpanu     Hackers are actively targeting Magento sites running a popular helpdesk extension, Dutch security researcher Willem de Groot has discovered.   The avenue for these attacks is a Magento extension named Mirasvit Helpdesk, which allows sites to show a “Chat with us” widget on Magento shops.   In… Continue reading Magento Sites Hacked via Helpdesk Widget

December 28th, 2017  By Rafia Shaikh   Earlier this week we reported that some users in India were seeing a modified prompt when signing up for a new account on Facebook. This prompt asked them to sign up with their name as it appears on their Aadhaar card, replacing the term “real name.” As reported… Continue reading Facebook Says Its “Small Test” in India Wasn’t Meant to Collect Data from the Controversial Aadhaar

December 27th, 2017  By Catalin Cimpanu     Similar vulnerabilities affect some Sonos and Bose smart speakers that allow hackers to take over devices, collect data on users, and even make devices to play desired audio tracks.   The vulnerabilities can be exploited by attackers looking for an entry point into corporate networks, but also… Continue reading Flaws in Sonos and Bose Smart Speakers Let Hackers Play Pranks on Users

December 27th, 2017 By Williams Pelegrin   A programmer discovered an exploit in the LastPass Authenticator app The exploit supposedly allows you to view 2FA codes without your fingerprint or PIN LastPass has yet to respond for comment on the issue     Update (12/27): LastPass’s support page on Twitter issued a statement on the… Continue reading LastPass’ Authenticator app might not be as secure as you think

By Scott Simkin on December 27, 2017   The Approach to Cloud Security Should be No Different From the Approach to Network or Endpoint Security   The dynamic and automated nature of the cloud brings many benefits to businesses, from easy setup and delivery of services to predictable maintenance costs. With users accessing data and… Continue reading Why You Should Question These Most Common Cloud Assumptions

December 27th, 2017  By Catalin Cimpanu   Attackers can use sound waves to interfere with a hard drive’s normal mode of operation, creating a temporary or permanent denial of state (DoS) that could be used to prevent CCTV systems from recording video footage or freeze computers dealing with critical operations.   The basic principle behind… Continue reading Acoustic Attacks on HDDs Can Sabotage PCs, CCTV Systems, ATMs, More