access

Wed
19
May
John Lister's picture

Bloggers Accused of Hacking for Opening Dropbox Link

A Californian city will pay $350,000 to two men it falsely accused of hacking its Dropbox account. Officials in Fullerton, California had actually sent a link that granted the access. The case involves two bloggers, Joshua Ferguson and David Curlee, ... who wrote about local government and regularly requested documents under public record laws. As some of these files were very large, officials would often upload them to a Dropbox folder and provide a link granting access. However, one such response in 2019 also mistakenly included a link giving access to a separate folder that included documents ... (view more)

Tue
26
Jan
John Lister's picture

Ransomware Gets Doubly Dangerous

Ransomware infections used to be about forcing victims to pay to regain access to their files. Now it appears more and more scammers are treating it as an exercise in blackmail. A new cybersecurity report says 18 known ransomware gangs have switched ... their focus to threatening to publish stolen data unless the victim pays up. That's led to some businesses paying the ransom even though they had access to backups in order to restore their files. Traditionally ransomware has been about file encryptions. Scammers get access to a victim's computer or network through malware, then the infection " ... (view more)

Wed
01
Jul
John Lister's picture

25 Android Apps Steal Facebook Passwords

Google has removed 25 malicious Android apps which tried to steal user Facebook logins. As always, it's worth checking devices to see if these apps are installed, because they won't automatically uninstall from phones even being ousted from the Play ... Store. This particular batch of apps didn't have a common subject, but each promised to carry out a basic function, including: a flashlight, file cleaner, or card game. Hidden deep inside each app was malicious software that ran behind the scenes. The malware came alive each time an app was opened on the phone, specifically checking to see if the ... (view more)

Mon
25
May
John Lister's picture

Chrome to Encrypt DNS Lookups: What it Means

Google is increasing privacy on Chrome with a change to the way it connects users to websites. But businesses will be able to disable the move so they can keep tabs on staff. The change is to the way Chrome connects with Domain Name Servers (DNS), ... which act a little like a telephone directory for the Internet. A DNS takes a website address that a user types into their browser and finds the matching IP address, which identifies the specific connection to the device such as a server (or service) that physically stores the website's files. In the past, the connection between Chrome and a DNS was ... (view more)

Tue
12
May
John Lister's picture

Thunderbolt Flaw Could Bypass Security, Encryption

A researcher has found a major bug with Thunderbolt port technology that could undermine major security measures on multiple computer systems. There's a big mitigating factor though: an attacker would need extended physical access to the computer in ... order to carry out the exploit. Thunderbolt is a technology that is similar in concept to USB, but adds fiber optic to the usual copper wires. Compared to USB, Thunderbolt has high speed and capacity. Common uses include super-fast device charging (including laptops), 4K video, and extremely quick data transfers. Originally Thunderbolt was only ... (view more)

Tue
28
Apr
John Lister's picture

Major Antivirus Flaw Deletes Files, Corrupts Windows

A security company says it found a simple way to turn antivirus software into a weapon for attackers. Most major manufacturers have now fixed the problem, but it's a reminder to keep such software updated. The discovery by Rack911 Labs effectively ... meant that a hacker could force the antivirus software to delete files on a computer. That would mean the hacker would need to have gained access to a computer first - whether internally on a network, or remotely using malware. The exploit is based on one of the most fundamental actions of any antivirus software: they scan files, check if they are a ... (view more)

Tue
21
Apr
John Lister's picture

Android Store Hacked; Up to 40M Accounts Leaked

A third-party Android app store has been hit by a big data breach. Aptoide users who registered between 21 July 2016 and 28 January 2018 may be affected. Aptoide works in a same way as Google's own Play app store, but isn't subject to its content ... regulations or security vettings. As with all third-party stores, users must confirm they accept security risks when installing apps from it. A hacker has published data from 20 million users and claims to have details of another 19 million users altogether. That's a big chunk of the 150 million people Aptoide claims have used its service at some ... (view more)

Thu
12
Mar
John Lister's picture

New Ransomware Exploits Excel Format

A new ransomware variant takes advantage of a Microsoft Excel feature. It's a good reminder to keep security software up-to-date. The variant has been reported by security company Lastline. It involves a known ransomware called Paradise that ... operates in the familiar fashion: the attackers find a way to get remote access to a computer then encrypt files and demand a fee to restore access - sometimes in the tens of thousands of dollars, or much higher. In this case, the attackers try to trick victims into opening a file attachment that creates the opening for accessing the machine. The ... (view more)

Mon
24
Feb
John Lister's picture

Gas Pipeline Shut Down After Ransomware Attack

Ransomware forced an unplanned shutdown of a US gas pipeline for two days. It's not yet clear if the attackers intended to have that effect. The full details, including the identity of the pipeline and its operators, have been kept under wraps. The ... only official information that's been made public comes from a security alert bulletin by the Department of Homeland Security (DoHS). (Source: us-cert.gov ) The attack started as an all-too-familiar "spear phishing" attack. That's a deliberately targeted email that tries to fool somebody (that typically works for a corporation) into clicking on a ... (view more)

Wed
22
Jan
John Lister's picture

Apple Drops Plan to Tighten iCloud Encryption

Reports suggest that Apple has been pressured by the FBI to drop plans to improve the security of its customer backups. The plan was to better encrypt backups on the iCloud service. iCloud serves two purposes: it's a way for Apple users to store ... data and documents online and access them from anywhere (from any Apple device) with a password; it's also a way to automatically backup the contents of iPads and iPhones. Data from the iCloud is stored on Apple servers in an encrypted format, which means that if somebody gained access to the files (either through a remote hack, or a physical breach ... (view more)

Pages

Subscribe to RSS - access