Security

Fri
03
Jan
John Lister's picture

North Korea Accused of Attacking Windows Users

Microsoft has warned users to pay particularly close attention to emails that appear to come from "microsoft.com". A simple trick involving spelling was the key to a security attack that Microsoft believes was instigated by North Korea. A US court ... has given Microsoft legal control of 50 web domains it says were used to carry out cyber attacks on Windows users. It's said to be the work of a group dubbed Thallium operating out of North Korea. Microsoft says the attacks were targeted at "government employees, think tanks, university staff members, members of organizations ... (view more)

Thu
02
Jan
John Lister's picture

No More Security Updates: Win7 Support Ends Jan 14

Microsoft will officially ditch support for Windows 7 in just a couple of weeks, a decade after the system debuted. It means Microsoft may face a difficult choice over security issues. January 14 will mark the end of Extended Support for Windows 7 - ... the second period of a Windows edition's lifespan. Mainstream support, which is the period when Windows 7 received new features and Microsoft deals with tech queries free of charge, already ended in 2015. (Source: bt.com ) Extended Support is where Microsoft charges for help and where the only updates are to fix security problems and major ... (view more)

Tue
31
Dec
John Lister's picture

Wyze Camera, Customer Database Leaked

A "smart" security camera maker has suffered a significant data breach. No video footage was leaked, but email addresses and details of some home gadgets were exposed. Manufacture Wyze hasn't revealed full details of how the breach happened, but ... denied that the leak was due to using cloud computing in China. According to Wyze, the exposed data covered 2.4 million customers and included "customer emails along with camera nicknames, WiFi SSIDs, Wyze device information, body metrics for a small number of product beta testers, and limited tokens associated with Alexa integrations. ... (view more)

Wed
18
Dec
John Lister's picture

Report: Vladmir Putin Still Using Windows XP

Russian leader Vladmir Putin still uses Windows XP if official photographs are to be believed. Ironically it might actually be a security measure. The photos released by the Russian state news agency show Putin's computers in his Kremlin office and ... his official residence. In both cases the screens are displaying the toolbar and icons from XP, though the default desktop background image is replaced with a picture of the Kremlin. (Source: themoscowtimes.com ) It would certainly be frowned upon (if not entirely shocking) for senior government officials in the West to still be running XP due to ... (view more)

Thu
12
Dec
John Lister's picture

Critical: Font Bug Affects All Versions of Windows

A bug in the way Windows handles fonts could leave computers open to a "drive-by attack" - as long as the machine is connected to the Internet. It's among the vulnerabilities fixed in the latest Windows security update. All versions of Windows are ... affected . The bug involves the way Windows deals with embedded fonts. An embedded font means that the document includes the code for the font itself. It's generally used where a document or web page designer wants users to see a specific font that's not widely installed on computers. The bug means an embedded font could be coded in a way ... (view more)

Fri
06
Dec
John Lister's picture

Mozilla Removes Security Extensions by Avast!, AVG

Mozilla has removed security tools from Avast and AVG from the Firefox extension store. It says the tools are collecting too much personal data about users. The extensions are third-party tools for the Firefox browser that add extra functionality to ... web browsing. In this case, the advertised purposes include highlighting and blocking malware that could be downloaded, and warning users when a page may be part of a phishing attack. That's where a user is tricked into typing in personal details into what they think is a legitimate site. Mozilla acted after online posts by Wladimir Palant, who ... (view more)

Thu
05
Dec
John Lister's picture

Android Malware Extracts Passwords from Any Legit App

Security researchers say a serious Android bug could let malware pose as a legitimate app and gain unwanted access to a phone's data and functions. The concept of the 'StrandHogg' bug has been known for several years, but now it's being actively ... exploited to target online banking. In simple terms, the bug has two unwanted effects: it can trick users into giving malware sensitive 'permissions' to access the phone, and it can hijack legitimate apps to trick users into handing over login details and sensitive information. Researchers at Promon explain the bug is with a security setting called ... (view more)

Thu
21
Nov
John Lister's picture

'Windows Update' by Email is Actually Ransomware

A bogus "Windows Update" distributed by email is, perhaps unsurprisingly, actually ransomware. It shouldn't fool most users but makes it a good time to remind less tech-savvy PC owners of the need to take necessary precautions. The unsolicited ... emails have a subject line of either "Critical Microsoft Windows Update!" or "Install Latest Microsoft Windows Update now!" Those who open the email will then see a message that says (complete with opening typo) "PLease install the latest critical update from Microsoft attached to this email." (Source: trustwave.com ) $500 Ransom Demand It seems a safe ... (view more)

Tue
19
Nov
John Lister's picture

Man Jailed for Attacking Millions of Websites

A man who launched millions of separate attacks on websites has been jailed for 13 months for conspiracy to damage Internet-connected computers. Sergiy Usatyuk, who is 20, offered an attacks-for-hire service using Distributed Denial of Service ... (DDoS) tactics. A Denial Of Service attack is a crude but often effective technique that simply involves flooding a site with bogus "visits" until the web server becomes overloaded, which then causes the website to become inaccessible for ordinary users. It's roughly equivalent to tying up a company's switchboard with prank calls. The "distributed" ... (view more)

Tue
12
Nov
John Lister's picture

Google Play to Use Third Party Security to Scan Apps

Google is to use outside help to scan apps before they go into the Google Play store. It says the move is needed to cope with the continuing increase in the number of rogue Android apps. Just two weeks ago, 21 Android apps were reported to be rogue ... ; in early September, 24 apps were found to be rogue . The new "App Defense Alliance" involves Google working with three security companies, namely: ESET, Lookout and Zimperium. They all specialize in mobile security with a particular emphasis not just on spotting individual rogue apps, but on figuring out common characteristics and clues ... (view more)

Pages

Subscribe to RSS - Security