Security

If you're still on Windows 7 or earlier, you need to make sure you have a recent security patch installed as soon as possible. It fixes a very serious operating system exploit, dubbed "BlueKeep". Note that a firewall and antivirus will not block ... operating system exploits , which is why using an unsupported operating system is incredibly dangerous . The bug is in the way that Remote Desktop Protocol (RDP) works. Remote Desktop Protocol lets somebody on one computer see and control another computer in another location. It has some extremely useful applications such as working away ... (view more)

The National Security Agency (NSA) is refusing to comment on claims a tool it developed has been used in a ransomware attack on the Baltimore city government. The New York Times says the attackers used a tool called "EternalBlue." The attackers have ... encrypted Baltimore government systems and demanded between $76,000 and $114,440 (depending on the account) to restore access. Officials have refused to pay and used workarounds including some manual processing of files and switching to Gmail for internal communications. It seems the attack was carried out using EternalBlue, which is ... (view more)

A laptop riddled with six of the most devastating computer viruses of recent years looks set to sell for more than a million dollars. It's part of a bizarre auction that positions the computer as "a work of art." The laptop, dubbed "The Persistence ... of Chaos" is an ordinary Samsung netbook running Windows XP. What makes it unusual is that it is currently running six pieces of malware that are installed on the machine have caused an estimated $95 billion of damage worldwide. It's a collaboration between cyber security company Deep Instinct and artists Guo O Dong, who says his work " ... (view more)

A tech expert has spotted a security risk in the mobile edition of Chrome. The way the exploit works means that scammers could make the browser appear to show a fake website address. This type of exploit would be particularly useful in a phishing ... scam, where hackers could develop a bogus website (such as a major banking site) to trick people into handing over personal information or passwords to sensitive data. James Fisher noted a potential problem with what's meant to be a useful measure in mobile Chrome. As the user scrolls down the page - which is much more likely to happen on a phone ... (view more)

An app designed to make it easier to get on public WiFi has accidentally exposed more than two million WiFi passwords. It appears to be a case of terrible design, rather than pure malice by the app designers. The app is called "WiFi Finder - connect ... to hotspots" and is listed on the Google Play store as having more than 100,000 downloads. In theory the app is part of a project to make using WiFi on the move more convenient. It's designed to be a massive database to which users can add public WiFi networks and the relevant passwords. For example, visitors to a coffee store could add the ... (view more)

Six very opular Android apps have been exposed as scams to defraud advertisers. The scam also drained batteries and sucked up mobile data on the handsets. The six apps are AIO Flashlight, Omni Cleaner, RAM Master, Selfie Camera, Smart Cooler and ... Total Cleaner. All were in the official Google Play store but have been removed since their real purpose came to life. The revelation came after three security companies - Check Point, ESET and Method Media Intelligence - worked with news site Buzzfeed to investigate risky apps. They concentrated on apps which were widely used and required permissions ... (view more)

Hackers are now far more likely to target Microsoft Office than web browsers according to a security firm. Kaspersky Labs says the big problem is that fixing some of the most common MS Office flaws would cause serious compatibility problems. The ... figures are based on the number of users affected, rather than the sheer volume of attacks. That's arguably more informative as it doesn't treat all attacks as equally significant. Kaspersky compared the last three months of 2018 with the same period in 2016 and found a dramatic difference in just two years. Browsers and Flash Less of a Problem In the ... (view more)

A feature used in several ad blocker tools could be used to "booby trap" websites according to a security researchers. It appears to be a low but credible risk. The problem is all to do with the way many ad blockers work. In simple terms, they ... maintain a blacklist of URLs that host ads and other unwanted material. Whenever a website tries to load an ad from an URL on the list, it's blocked from doing so. Since last summer some ad blockers, including Adblock Plus, added support for a feature called "$rewrite." With this feature, the ad blocker won't just block the unwanted URL from ... (view more)

A security researcher says an Internet Explorer flaw could affect people who don't even use the outdated browser. It's a reminder of the dangers of opening unexpected email attachments. John Page has published details of the bug which affects ... version 11 of Internet Explorer (the latest) on both Windows 7, 8 and 10. The bug involves a file format called MHT. It's a format that's not used much these days but used to be common back when Internet Explorer was king. It's used to download an entire web page (including images and other media) into a single file. It's not needed today as browsers can ... (view more)

Scammers have found a creative way to bypass spam filters, effectively tricking legitimate sites into sending the message on their behalf. It's a reminder that human skepticism is always a key part of cyber security. The new scam was spotted by Sam ... Cook of Comparitech who spotted something amiss in an email from the British Newspaper "Archive," - a perfectly legitimate organization. The scam email asked him to confirm his email address for registering an account with the site. The problem there was that Cook hadn't attempted to register. In fact, this was the first time he ever ... (view more)