Menlo Security has recently published a new report that will probably dismay you if you're a business owner. Microsoft Office has been named as the attack vector of choice for hackers around the world. The most common form of the attack is a malicious Word document or other office document attached to an innocent looking email. There are, of course, plenty of other ways to take advantage of various security weaknesses in MS Office and Office 365. These include the use of remotely hosted … Read more
Turn Cortana Off At Lock Screen To Avoid Potential Hack
Do you use Cortana? It's a handy virtual assistant (like Siri) built into Windows 10. Unfortunately, as useful as she is, there's a problem. Even if you don't use Cortana yourself, take heed: Microsoft has recently issued a security update based on findings by McAfee researchers. It turns out that Cortana can be "summoned" from the lock screen of your PC and used to execute attacks by tricking the ever-helpful Cortana into indexing files from a USB drive, then executing them. To … Read more
Another Vulnerability Found In Intel CPU’s
More bad news for Intel. Yet another security flaw has been identified in the processors the company makes. This one is so newly discovered that the full technical details have yet to be released. Here's what we know so far, from a recent Intel announcement: "System software may opt to utilize Lazy FP state restore instead of eager save and restore of the state upon a context switch...Lazy restored states are potentially vulnerable to exploits where one process may infer register values of … Read more
Some Private Posts On Facebook May Have Been Exposed
Facebook is in hot water again. Recently, the company admitted that while testing a new feature on the site, they inadvertently made public the posts of more than fourteen million users. The incident occurred between May 18th and May 22nd and occurred when Facebook was testing a new "Featured Posts" enhancement. The goal was that users could selectively make posts visible to everyone. Unfortunately, the error created a situation where any posts users in the test group made were … Read more
Attackers Targeting Job Seekers Via Listings And Recruitment
Cyber-criminals around the world are increasingly focusing their attention on job seekers. According to the security firm Flashpoint, there has been a notable uptick in ploys involving phony job listings that attempt to get job seekers to give up personal information. Perhaps the biggest surprise is the fact that this is only now becoming a growing threat. After all, from the cyber-criminal's point of view, it's low hanging fruit. Job seekers expect that they'll be asked for all types of … Read more
Study Shows Employee Satisfaction Is Higher With Technology Improvements
A new study recently published by HPE Aruba called "The Right Technologies Unlock The Potential Of The Digital Workplace," reveals some interesting details about technology in the workplace that's worth paying attention to. The study was conducted by collecting feedback from more than seven thousand companies of various sizes around the globe. These were broken broadly into two groups: "Digital Revolutionaries," which made more and better use of cutting edge technology, and "Digital … Read more
T-Mobile Site Leaked Data On Millions Of Customers
ZDNet Researcher Ryan Stevenson recently found a big problem on T-Mobile's website regarding an unprotected API. As a result of the flaw, untold millions of T-Mobile's customers' account information was left exposed and completely unprotected. Literally anyone who stumbled across the site and tried to abuse it could access a wide range of customer information with no password required. This includes, but is not limited to: Customer name Phone number Mailing Address Account … Read more
FBI Advises Users To Reboot Their Routers
Cisco's Talos Security Team has identified a new threat, and it's a nasty one impacting more than half a million consumer-grade routers in the US. According to the Talos Team's report, the new malware is impacting a broad cross-section of routers made by TP-Link, QNAP, Netgear, Mikrotik, and Linksys. Known as "VPNFilter," the malware currently infecting routers appears to be the first stage in a multi-phase attack, with the first segment allowing the hackers to collect a wide range of … Read more
Passwords May Be Dead Soon If Microsoft Gets Its Way
Karanbir Singh (a program manager at Microsoft) is on a mission: Kill the password. As he said in a recent blog post: "Nobody likes passwords. They are inconvenient, insecure, and expensive. In fact, we dislike them so much that we've been busy at work trying to create a world without them--a world without passwords." The company's stated goal is to make it possible that an end user will never have to bother with passwords on a day to day basis and would instead provide credentials … Read more
New Vulnerability May Expose Encrypted Emails
Security researchers at the Electronic Frontier Foundation (EFF) have discovered a dangerous new email vulnerability called "Efail." Exploiting this new email vulnerability would allow hackers to decrypt emails encrypted with either PGP or S/MIME - including emails that were sent several years earlier. Both of these encryption tools are commonly used by politicians, journalists and other professionals who need a secure means of electronic communication. Since the standards are so well … Read more
