Security

Wed
01
Apr
John Lister's picture

Edge Browser Gets New Features, Based on Chrome

Microsoft has unveiled a range of new features for its Edge browser. They include vertically arranged tabs, enhanced cut and paste, and warnings of potential password breaches. Edge has been somewhat light on new features recently as Microsoft has ... been concentrating on major behind-the-scenes changes. The browser used to run on Microsoft's own code but is now based on Chromium , the same open source code behind Google's Chrome. Microsoft hopes that will tempt over some Chrome users who should be able to use many of their existing browser extension tools in Edge. However, it's also adding some ... (view more)

Mon
30
Mar
John Lister's picture

Hackers Infect Routers; Deploy COVID-19 Malware

A new attack on Internet users combines multiple tactics into a nasty strategy. The scam includes hacking routers, redirecting users to bogus sites, and preying on fear to trick people into installing malware. The first step in the attack involved ... the hackers taking control of home and small business routers, with Linksys and D-Link models targeted. Exactly how they are doing this isn't certain, but it appears to involve a brute force attack through the optional feature that lets users access their router settings from any Internet-connected computer. Brute force is effectively an automated ... (view more)

Wed
25
Mar
John Lister's picture

Critical Security Flaw Hits Windows 7 and 8 Hardest

Microsoft has warned users of a significant unpatched security flaw in Windows. It's offered some key steps to take while the problem is being fixed. The problem affects all currently supported versions of Windows, though Windows 7 and 8 machines ... are affected 'critically' according to the Microsoft advisory bulletin. Attacks on Windows 10 machines are considerably more constrained due to its enhanced security features. Microsoft says its currently only aware of targeted attacks on Windows 7 machines, though that could change now the bug has been made public. (Source: microsoft.com ) Adobe ... (view more)

Tue
24
Mar
John Lister's picture

Warning: Windows Defender May Break (Workaround)

Windows 10's built-in security tool Windows Defender has stopped working properly for some users. There's a workaround for those who want added peace of mind. Exactly what's causing the problem isn't yet clear, but some users are finding both manual ... and automatic scans produce messages such as: "Items skipped during scan: The Windows Defender Antivirus scan skipped an item due to exclusion or network scanning settings." In other cases, the error message reports that the entire scan was skipped. The message isn't proving particularly helpful as it's not clear what items are actually being ... (view more)

Thu
12
Mar
John Lister's picture

New Ransomware Exploits Excel Format

A new ransomware variant takes advantage of a Microsoft Excel feature. It's a good reminder to keep security software up-to-date. The variant has been reported by security company Lastline. It involves a known ransomware called Paradise that ... operates in the familiar fashion: the attackers find a way to get remote access to a computer then encrypt files and demand a fee to restore access - sometimes in the tens of thousands of dollars, or much higher. In this case, the attackers try to trick victims into opening a file attachment that creates the opening for accessing the machine. The ... (view more)

Thu
05
Mar
John Lister's picture

Malware-Free Cyber Attacks on the Rise

Most online attacks don't involve malware, according to newly published figures. It's the first time "fileless techniques" have been in the majority. The figures come from an annual report by security company CrowdStrike. It says it analyzed its own ... customer data along with that from investigations into known attackers and data from reported incidents. According to the report, malware-free attacks made up 51 percent of the total during 2019, up from 40 percent the previous year. The tactics were particularly prevalent in North America, making up 74 percent of attacks. (Source: zdnet.com ) As ... (view more)

Tue
03
Mar
John Lister's picture

Unsafe VPN Android Apps Threaten Privacy

Some of the most popular VPN apps for Android are dangerous to use, according to a leading review site. The VPN apps, which are supposed to protect privacy, actually expose users to attacks according to VPN Pro. A VPN, or virtual private network, is ... meant to be a way to boost privacy online. It works by re-routing traffic through a middle-man server to make it appear that your IP is in another location. When configured properly, the VPN effectively creates a secure online connection that means even though data is going through the Internet, it can't be read by anyone other than the sender and ... (view more)

Wed
26
Feb
John Lister's picture

Chrome Users: Update Now to Patch Critical Bug

Google has issued a critically important update to its Chrome browser due to a nasty zero day bug. The browser should update automatically for most users, but the bug is serious enough that it's a case of checking to ensure that the update has been ... successfully applied. The update fixes three security problems, one of which is a critical. It means hackers were actively exploiting the problem before Google fixed it - meaning the update process gave users a zero day head start on the bad guys (hence the term, ' zero day exploit '). Perhaps unsurprisingly, Google isn't saying much at all about ... (view more)

Mon
24
Feb
John Lister's picture

Gas Pipeline Shut Down After Ransomware Attack

Ransomware forced an unplanned shutdown of a US gas pipeline for two days. It's not yet clear if the attackers intended to have that effect. The full details, including the identity of the pipeline and its operators, have been kept under wraps. The ... only official information that's been made public comes from a security alert bulletin by the Department of Homeland Security (DoHS). (Source: us-cert.gov ) The attack started as an all-too-familiar "spear phishing" attack. That's a deliberately targeted email that tries to fool somebody (that typically works for a corporation) into clicking on a ... (view more)

Thu
20
Feb
John Lister's picture

Google: OEM Mods Make Android OS Less Safe

Google says phone and tablet makers who alter Android's code to add security measures may actually be undermining security. It says device manufacturers should stick to Android's own measures. Jann Horn of Google's Project Zero security team ... specifically pointed to an alteration made by Samsung for the Galaxy A50 phone, which he says contained a bug that made the device vulnerable to attack. He says he discovered and reported the bug to Samsung in September 2018 but it wasn't patched until Samsung's security updates released this month. (Source: blogspot.com ) Ironically Horn believes the ... (view more)

Pages

Subscribe to RSS - Security