Security

A ransomware gang said to have Russian links appears to have been knocked offline. The REvil group recently demanded a $70 million ransom after a major attack. The group was linked to two recent attacks, the first on an international meat processing ... company. JBS, which is estimated to process 20 percent of the beef and pork sold in the US, had to shut down production while dealing with the breach. An even more serious attack targeted Kaseya, a company that not only offers computing services to businesses, but also powers many managed service providers that run IT for their own clients. The ... (view more)

Nine popular Google Play apps were actually scams to steal Facebook logins according to a security company. Although Google has removed some of them, they may still be on devices. All the apps were promoted as performing a simple task and appear to ... have worked as designed. Although that meant more effort for the developers, the idea was to make users less suspecting that the apps were actually harmful. The affected apps had the following names and functions: App Lock Keep (child safety tool) App Lock Manager (child safety tool) Horoscope Daily (astrology) Horoscope Pi (astrology) Inwell ... (view more)

Humans as a whole spend 500 years each day completing CAPTCHA challenges according to a new estimate. The company behind the claim says USB security devices would be a more sensible way to confirm somebody is a human. The data from Cloudflare is ... about CAPTCHAs: Completely Automated Public Turing test to tell Computers and Humans Apart. It's tests such as recognizing a string of letters on an unclear background or picking out images that contain a particular thing such as a boat or traffic light. The idea is to limit automated visits to a web page or form submissions, for example to limit ... (view more)

A campaign group claims Facebook lets users target ads at children based on interests such as smoking, drinking alcohol and gambling. Facebook says it has adequate measures to find and block such ads both before and after publication. The claims ... come from Reset Australia, which says it ran an experiment posing as the fictional "Ozzie News Network." It set up an advertising account on Facebook to see what options were available. In theory, Facebook has an outright ban on advertising adult topics such as alcohol to under 18s. Reset Australia says this failed in two ways: it was able to target ... (view more)

Nearly 30 Android and Roku apps hijacked phones to defraud advertisers. Although users never saw the ads, they may have noticed increased data use and slowed performance. The scammers used the apps distributed in the official Google Play store to ... build up a network of almost a million compromised Android devices. The "PARETO" botnet then used the phones to issue bogus requests to advertisers while making the devices appear to be Smart TV sets. That was particularly appealing to advertisers because of the belief viewers are more likely to pay attention to an ad on a TV screen than on a phone. ... (view more)

A data leak has exposed the phone numbers of an estimated 500 million Facebook users. The data comes from a breach in 2019, but has just been made public. According to Facebook, the breach was "found and fixed" in 2019, which has raised some ... eyebrows given the company never warned users their details may have been compromised. It argues the data wasn't hacked but rather "scraped" from publicly accessible information through a bug in its feature that lets users find the Facebook accounts of people in their phone contacts. That may not be enough to satisfy data protection officials in several ... (view more)

Apple has warned users to check their portable devices to ensure they are up to date. A bug that affects iPhones, iPads and Apple Watches may already be under attack by hackers. The bug affects WebKit, which is the underlying software for Safari and ... any other web browsers which use Apple's operating system iOS. Specifically, it covers the way web content appears and the way browsers keep track of which sites a user has recently visited, allowing features such as the browser back button to work properly. Apple isn't giving many details of exactly how the bug works or could be exploited, which ... (view more)

A single character from ancient English could crash a Windows 10 PC, thanks to an odd security glitch. It's been patched in the most recent Windows updates, making it an important fix for those who download updates manually. The bug appears to work ... in most major browsers and involves the Æ symbol. If that isn't clear on your device, it's the symbol that looks like a capital A in italics squashed into a capital E. The symbol, sometimes called "ash" in English, has been used to designate specific sounds in several language over the past few thousand years. In old English it was a sound ...<a href="/news/10902/single-character-could-crash-windows-pc" class="more-link">view more

If you use Chrome, you need to make sure it's up to date. The browser has been hit by a dreaded zero-day flaw . In this case, hackers are aware of the bug and are actively exploiting it before Google has a chance to issue a security patch. The name ... comes from the fact that Google has "zero days" head start in getting the patches out. Google confirmed that it "is aware of reports that an exploit for CVE-2021-21166 [the bug in question] exists in the wild." (Source: googleblog.com ) High Severity Flaw The security flaw is rated as "high severity" on Google's rankings of how much ... (view more)

Apple says it has dealt with the risk from a newly-discovered piece of malware affecting macOS. It's a reminder that macOS isn't completely immune from malware - which may have been the point of the attack. Security company Red Canary discovered the ... malware and dubbed it Silver Sparrow. It says data from Malwarebytes showed it was present on 29,139 computers. (Source: redcanary.com ) It appeared to target computers which have the M1 chip. That's an Apple produced processor designed specifically for Macs. It's combines multiple functions on a single chip, the idea being to increase efficiency ... (view more)