Security

Wed
28
Aug
John Lister's picture

How to Fix: Delete, Stop Google Calendar Spam

Google Calendar users have been hit by a spate of spam "events" that are nothing more than dubious web links. Users have several ways to stop the problem, but with some drawbacks. The problem involves mysterious entries appearing in Google Calendar, ... sometimes seeming to have been added by friends. Speaking from experience, I had several entries appear for an "event" which was supposedly a time-limited offer to pick up a free iPhone, along with a link to confirm I wanted to take advantage. Although I did not click on the link, it's a safe bet it would not have taken me to the Apple store. ... (view more)

Mon
26
Aug
John Lister's picture

Chrome to Check Passwords Against Hacked Databases

Chrome may soon warn users if their passwords have been compromised. It works by checking inputted passwords against those exposed in public data breaches. The feature is already available for Chrome from an official Google extension known as ... Password Checkup, but users need to actively install this extension to use it. Web browser Mozilla Firefox already has a similar feature built-in. Now a similar feature named "password leak detection" has been spotted in the code of Chrome Canary. That's a version of Chrome that includes test features planned for release in the main Chrome edition in a ... (view more)

Thu
22
Aug
John Lister's picture

iPhones, VLC Player Both At Risk

Users of both Apple devices and the VLC media player should watch out for potentially serious security bugs. The former is a particular embarrassment for Apple. It turns out the company fixed a security bug in iOS 12.3 in April, then accidentally ... removed the fix in iOS 12.4, which it released last month. It now plans to fix it imminently in an emergency update to be titled iOS 12.4.1. The bug is very serious as it potentially allows a rogue app to "execute arbitrary code with system privileges." That effectively means malware could have complete control over an iOS device, something that's ... (view more)

Tue
20
Aug
John Lister's picture

Can Keyboard Sound Expose Passwords? Experts Say No

Researchers say there's a risk that microphones and motion sensors in smartphones could make it possible to figure out information being typed on nearby keyboards. But media headlines that "hackers can work out your password" are a significant ... stretch. The research comes from the Darwin Deason Institute for Cyber Security at Southern Methodist University, based in Texas. It stemmed from the thought that smartphones could pick up sound in two ways: not just the sound waves in the air through the microphone, but vibrations such as on a table collected through the motion sensors in the phone. ... (view more)

Thu
15
Aug
John Lister's picture

Over 1 Million Fingerprints Exposed Online

More than one million fingerprints were exposed online for at least a week, according to security researchers. The company responsible for the data says it will take immediate action if there's a security threat. The data is held by Suprema, which ... operates a biometric lock system called Biostar 2. It lets building owners restrict access by fingerprint or facial recognition, rather than relying on measures such as physical keys or pass codes. The Guardian newspaper reports that Biostar 2 is used in a wider system that has 5,700 customers accessing 1.5 million locations across 83 countries. ... (view more)

Mon
12
Aug
John Lister's picture

Apple Offers $1 Million For iPhone Hack

Apple is offering a million dollar bounty to anyone who can successfully hack an iPhone and shares the details. But its limited to specific circumstances that will mean the payout is well worth it for the company. Like several tech giants, Apple ... already had a reward scheme for people who find and report bugs. To date the biggest bounty Apple has offered is $200,000 and only to people who have previously been approved to explore Apple bugs. The million dollar bounty is officially open to anyone. The new offer was made at the Black Hat convention in Las Vegas, the leading annual gathering of ... (view more)

Wed
31
Jul
John Lister's picture

iPhone/iPad Users: Update Immediately

Google says it has found half a dozen major security flaws in Apple's iPhone messaging system. A new iOS update fixes five of the problems, but Google says one remains unpatched. The flaws were discovered by Google's Project Zero, a department that ... takes its name from the idea of "zero day" bugs . That's where would-be hackers become aware of a security issue before the relevant software developers are able to patch the bug. The zero day bugs are then exploited which often results in elevated privileged access levels given to a rogue program. The problems are with iMessage, the instant ... (view more)

Tue
30
Jul
John Lister's picture

Mega Hack Exposes Entire Population's Data

Financial records of almost every adult in Bulgaria have been stolen in a cyber attack. It's led to the unlikely situation of the country's leader reportedly exaggerating the attacker's skills. One man has been arrested following the attack, which ... looks to have involved unauthorized access to a database with records for every working adult in the country. That's almost five million people. There's some debate over exactly what was involved in the breach. Press reports suggest it not only included personal information such as date of birth and address, but also tax ... (view more)

Wed
17
Jul
John Lister's picture

New Router Exploit Auto-redirects to Rogue Sites

A security firm says hackers have hijacked 180,000 routers in Brazil alone so far this year. They target people who haven't changed the default login for the router's control system. According to Avast, there have been more than 4.6 million attempts ... to modify router settings remotely. Although the attacks were targeted at people using particular Internet service providers in Brazil, there's no reason the same tactics couldn't work elsewhere. The goal of the attacks is to change the DNS settings on a router. In simple terms, that's like the address book that a router uses to turn a website ... (view more)

Thu
11
Jul
John Lister's picture

New Super Stealth Astaroth Malware Records Keystrokes

Microsoft has warned users about a complicated but cunning malware attack that might not be caught by all security tools. The "Astaroth" malware doesn't actually exist as a file in its own right. The main risk to users from Astaroth is that it ... includes a keylogger. This means it can access everything victims type, including passwords and other sensitive data. That's one of the reasons sites such as online banks often ask users to type specific characters (such as third and eighth) rather than an entire password. Malware Hides Within Windows What makes Astaroth so hard to detect is ... (view more)

Pages

Subscribe to RSS - Security