Security

Thu
28
Jul
John Lister's picture

Smart Devices Could Expose WiFi Passwords, or Worse

Are smart devices a security risk? Security firm Rapid 7 seems to think so. According to the researchers, a range of Internet-connected light bulbs had at least nine security flaws. While the potential consequences are hardly life or death, it could ... be a blow to the concept of smart devices in the home. Osram's Lightify range of light bulbs lets users control lighting via a smartphone or tablet app. The idea is partly to allow more precise controls, such as dimming a bulb or even changing its color, and partly to allow users to remotely access the lights. For example, if a home owner is ... (view more)

Tue
19
Jul
John Lister's picture

'Lazy' Ransomware Deletes Every File in Sight

Is there fair play amongst ransomware scammers? A particularly lazy variant of "ransomware" is making its rounds, though researchers say that paying up will never pay off. For the most part, ransomware usually involves a nasty malware program ... encrypting files on a PC, followed by a promise of a decryption key - but only if the victim pays a ransom. It would make sense that if people stopped believing this would happen, they would stop handing over the cash. Files Deleted Rather Than Encrypted Now security company Talos has spotted a variant where there's absolutely no prospect ... (view more)

Wed
13
Jul
John Lister's picture

New Research Promises to Halt Ransomware in its Tracks

Researchers say they've found a way of severely limiting the damage ransomware causes. Meanwhile California legislators are mulling over new laws specifically aimed at the tactic. Ransomware involves attackers remotely installing malicious software ... that encrypts files and makes them inaccessible without an unlock key. In many cases, this means victims can't access the data and may be unable to use the computer at all. The attackers then demand a fee to provide the unlock key. The tactic has led to controversy over whether victims should pay the fee , something critics say merely encourages ... (view more)

Thu
23
Jun
John Lister's picture

Fake Tech Support Scam Gets New Twist

A newly-publicized take on a long-running scam involves on-screen messages that falsely appear to be from a user's Internet service provider. It's a trick with a variety of ways to profit from the customer. For many years, scammers have been calling ... people on the telephone claiming to work for Microsoft or other computer companies, saying the person receiving the call has a virus. The scammer will then usually try to get the victim to pay for bogus tech support services. While most people realize it's a scam, the idea is to call enough people so that even a small percentage of ... (view more)

Wed
22
Jun
John Lister's picture

GoToMyPC Remote Access Hit By Hackers

Users of remote access tool GoToMyPC will need to reset their passwords as a security measure after an attack by hackers. Although creators Citrix describe it as a "very sophisticated" attack, it's simply another case of hackers targeting people who ... continue to re-use passwords on multiple sites. GoToMyPC is a tool that lets users remotely access their PC or Mac using another computer or mobile device. As with most such tools, the computer being remotely accessed must be switched on and connected to the Internet. The actual system that powers GoToMyPC, and its database of login ... (view more)

Thu
09
Jun
John Lister's picture

Report: Millions of Online Databases Unsecured

Belgian computers are most exposed to hacking according to a new study, with the US in 14th place. It's all because of millions of computers having open, unsecured connections to the Internet. Research firm Rapid7 looked at the full range of data ... connection services on the Internet beyond just the more familiar HTTP that most users use while browsing the web. These include FTP (file transfer protocol) SSH (secure shell for remote connections), and SMTP (simple mail transfer protocol), used for many email services. To carry out the research, the company embarked on the massive task of ... (view more)

Wed
08
Jun
John Lister's picture

TeamViewer Remote Access Customers Hacked

Management at TeamViewer, a remote access computer tool, have confirmed that a "significant number" of users have fallen prey to hackers. However, the company insists that all evidence suggests that there is no flaw in the system, but is instead ... pointing fingers at its users. TeamViewer allows users to login to a remote computer (even their own) from anywhere with an Internet connection. Once connected, users can operate the computer just as if they had physical access to the machine. The security for the system works in two ways: first, users get a reference number that identifies ... (view more)

Tue
07
Jun
John Lister's picture

Facebook Chief Online Accounts Hacked

Two online accounts belonging to Facebook chief Mark Zuckerberg have been hacked. The incident, thought to have resulted from a LinkedIn data breach, is a high profile example of the dangers of poor password choices. The hackers, calling themselves ... OurMine Team, took control of Zuckerberg's Twitter account and posted a message informing him of the breach. They also claimed to have accessed his Pinterest account (which appears to be correct) and his Instagram account, which doesn't appear to be the case. Perhaps the one point of relief for Zuckerberg is that his Facebook account was not ... (view more)

Thu
02
Jun
John Lister's picture

Bloatware from 5 Major PC Firms 'A Security Risk'

A security firm says that laptops from five major PC manufacturers have inherent security flaws which make the systems open to attack the very first time they are used. The problem deals with the automatic update tools installed by the manufacturer. ... Duo Labs explored the pre-installed manufacturer software on laptops from Acer, Asus, Dell, HP and Lenovo. In total, they found 12 vulnerabilities which they described as being ridiculously simple to exploit. (Source: duo.com ) The software is what's officially known as Original Equipment Manufacturer (OEM) software, but commonly referred to ... (view more)

Tue
31
May
John Lister's picture

Four Major Site Login Databases Stolen

A series of massive but dated breaches of high-profile sites is yet another reminder of the dangers of poor password security. While the sites in question are taking preventative measures, experts warn that hackers could use the stolen details to ... access other sites. In the past few weeks, hackers have offered up massive hauls of stolen login details from four major sites. They include details of 360 million accounts from MySpace and 65 million accounts from Tumblr, both lists appearing to date from 2013. Questions Posed For Sites And Users This follows 164 million account details from ... (view more)

Pages

Subscribe to RSS - Security