Security

Thu
10
Oct
John Lister's picture

New Malware Infects Legit Downloads On the Fly

A new piece of malware can intercept Internet traffic to spot people downloading legitimate installation files and replace them with "infected" copies. Security company Kaspersky went as far as calling it "impressive" from a technical, if not moral ... standpoint. Kaspersky has dubbed the malware "Reductor," after a term that appears in some of the code. It discovered the malware in April, 2019, so the fact it's only just going public suggests it took some serious analysis. (Source: securelist.com ) The malware's operation is exceedingly complicated, but one a machine is infected with ... (view more)

Wed
02
Oct
John Lister's picture

Major VOIP Security Flaws Discovered in Android

Researchers say they discovered eight security flaws in the way Android handles voice calls through the Internet. Unlike most such bugs which involve specific apps, these problems were with Android itself. The good news is that the researchers ... reported all of the bugs to Google while carrying out the project and most have now been fixed. However, it does raise concerns about the development and design of the system itself. (Source: github.io ) The researchers looked at the three latest Android versions (7, 8 and 9), specifically addressing the components that allow Voice Over Internet ... (view more)

Tue
01
Oct
John Lister's picture

Words With Friends DB Hacked; 620M Accounts Leaked

The word "hacked" is worth 16 points in Scrabble. It's also what appears to have happened to a database of 218 million users of the popular online game "Words With Friends." A few weeks ago game creators Zynga said it "recently discovered that ... certain player account information may have been illegally accessed by outside hackers." It didn't give any detail on numbers, but went on to say that account login information may have been accessed. (Source: zynga.com ) Now a hacker has come forth and is attempting to sell the details of 620 million Zynga game accounts, of which 218 million ... (view more)

Thu
26
Sep
John Lister's picture

Latest Internet Explorer Bug a Massive Risk

Microsoft has issued an emergency patch for Internet Explorer. In the most extreme circumstances, a user simply visiting a website could give a hacker complete remote control of a computer. Between Chrome's dominance and Edge becoming the default on ... new Windows machines, Internet Explorer is far from popular and is now used on around 8 percent of desktop computers. However, that still means around a hundred million machines could be affected by this bug. (Source: bbc.co.uk ) It's a sign of how serious the problem is that Microsoft has issued an emergency patch, or as it calls it, an out-of- ... (view more)

Mon
16
Sep
John Lister's picture

Password Manager Bug Exposes Last Used Password

Password manager LastPass has suffered an embarrassing security glitch that reveals a user's last used password, though some security experts argue that pulling off the exploit would have been difficult at best. The purpose of LastPass is to solve ... the problem of people having too many passwords to remember, but not wanting to reuse passwords across multiple sites. Once somebody signs up to LastPass, they create a single master password which is completely secret. Even LastPass itself doesn't store this password, so if a user forgets it, they are out of luck. The master password then stores ... (view more)

Tue
10
Sep
John Lister's picture

Android User? Delete These Apps Now

Nearly half a million users have been infected with "The Joker" malware through the Google Play store. The malware is particularly nasty and works by signing users up to premium services without their knowledge. The malware, spotted by researcher ... Aleksejs Kuprins, was found in 24 apps with a combined 472,000 downloads - though more apps may be found later. As of this writing, the 24 known apps have been removed from the Google Play store. (Source: techradar.com ) Infected Apps Need to be Removed If you have any of the following apps installed on your phone, they should be removed ... (view more)

Mon
09
Sep
John Lister's picture

Gov't, ISP Website Blacklisting to be Less Effective

Mozilla is to make an important change to Firefox browser security. It could reduce risks for users, but has raised concerns among governments and Internet Service Providers (ISPs), as it could limit their tools for filtering and monitoring online ... activity. The change has to do with a feature called DNS-over-HTTPS (DoH), and will first affect users in the US. It's already possible to enable DoH in Chrome, but it takes some technical know-how because the feature currently isn't widely used. DoH is all to do with the DNS (Domain Name System), which is effectively the phone book of the Internet ... (view more)

Wed
04
Sep
John Lister's picture

Use Chrome? Update Now to Fix Major Security Bug

Google has released a security update fixing a major flaw in the Chrome browser. While Chrome normally updates automatically, it's a serious enough problem that it's worth manually checking for updates to the browser in order to be certain. The bug ... was highlighted by the Center for Internet Security, a non-profit organization that crowd sources security problems and fixes. It says the flaw could be exploited simply by the user visiting a compromised web page. It says that: "Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the ... (view more)

Wed
28
Aug
John Lister's picture

How to Fix: Delete, Stop Google Calendar Spam

Google Calendar users have been hit by a spate of spam "events" that are nothing more than dubious web links. Users have several ways to stop the problem, but with some drawbacks. The problem involves mysterious entries appearing in Google Calendar, ... sometimes seeming to have been added by friends. Speaking from experience, I had several entries appear for an "event" which was supposedly a time-limited offer to pick up a free iPhone, along with a link to confirm I wanted to take advantage. Although I did not click on the link, it's a safe bet it would not have taken me to the Apple store. ... (view more)

Mon
26
Aug
John Lister's picture

Chrome to Check Passwords Against Hacked Databases

Chrome may soon warn users if their passwords have been compromised. It works by checking inputted passwords against those exposed in public data breaches. The feature is already available for Chrome from an official Google extension known as ... Password Checkup, but users need to actively install this extension to use it. Web browser Mozilla Firefox already has a similar feature built-in. Now a similar feature named "password leak detection" has been spotted in the code of Chrome Canary. That's a version of Chrome that includes test features planned for release in the main Chrome edition in a ... (view more)

Pages

Subscribe to RSS - Security