Owners of Apple devices have a new attack vector to worry about, called "TrustJacking." Symantec researchers recently stumbled across a pair of scenarios that take advantage of Wi-Fi syncing of various Apple devices. These are scenarios that also take advantage of the trust users have in the security of their own devices, allowing hackers to take complete control over those devices. The flaw is a consequence of the way that iTunes Wi-Fi Sync is designed. The vulnerability manifests when a … Read more
Bank Employee Steals Info On Over A Million Customers
Atlanta-based SunTrust Bank is the 12th largest bank in the US. They have a major problem, and so do roughly a million and a half of its customers. According to CEO William Rogers, an unidentified employee of the firm printed a vast amount of private customer information, including their names, addresses, phone numbers and account balance information. Rogers stressed that social security numbers, account numbers, driver's license numbers, user IDs, and passwords were not exposed. In a … Read more
Researchers Find Major Vulnerabilities In Banking Apps
Do you do your banking online? If so, there's bad news in the form of a report recently released by the security firm "Positive Technologies." The company tested a variety of websites using a proprietary tool they developed in-house, which scans websites for security flaws. While flaws were found across a wide range of industries, literally every banking site Positive Technologies tested was found to have serious security flaws. The particulars varied from one bank to the next, but the … Read more
Hacked Routers Being Used To Spread Malware
Beware of compromised routers spreading malware. This is according to both Kaspersky Labs and a recently released government report. Using hacked routers to spread malware is nothing new. Security insiders have known about it for years. However, since 2008, the number of instances where routers are being used to push malicious code has been steadily increasing. Researchers are observing marked increases in their use by APTs (Advanced Persistent Threat) around the world. APTs are nothing … Read more
Panera Bread Customer Accounts Exposed To Threats
Panera Bread company is the latest to find itself in hot water. Recently, security researcher Dylan Houlihan discovered that the company had failed to encrypt (or otherwise protect) a file containing usernames, email addresses, physical addresses, phone numbers and loyalty account numbers for a staggering thirty-seven million of its customers. The file was found stored as plain text, and accessible to anyone who bothered to go looking for it. The good news is that no one appears to have … Read more
No Spectre Fix For Certain Intel Processors
The bad news just doesn't seem to stop where Intel and the Speectre vulnerability are concerned. The latest bit of news comes directly from Intel, as the company admits that it's just not possible to address the Spectre vulnerability in some of its older hardware. This means that nine families of chips and more than 230 models of computers (mostly manufactured between 2007 and 2011) will remain vulnerable to Spectre forever. The company has stopped Spectre mitigation development on the … Read more
Hackers Zone In On Microsoft Products To Attack
Congratulations to Adobe Flash Player for not being the software most targeted by hackers. Security vendor "Recorded Future" has just published their annual list of the software hackers most commonly focus on when targeting computers and handheld devices for attack. For the last several years, Adobe's Flash Player has topped the list, but this year they have been dethroned. Microsoft now has the embarrassing honor. There are multiple Microsoft programs on this year's list, with some of them … Read more
Huge Spike in Malware With Mining Capabilities
There's a new type of hacking attack to be concerned with, and it's growing by leaps and bounds. Called "Crypto-Jacking," it's a process by which malicious code is placed on websites. When the sites are visited, the code secretly siphons off a portion of the affected user's PC, laptop, or smartphone's processing power and uses it to mine for various cryptocurrencies so that the hackers can profit from it. Kevin Haley, the Director of Symantec's Security Response Team, had this to say about … Read more
Attacks on Health Organizations Increasing At Alarming Rate
It used to be the case that credit card companies and retail outlets were the primary targets of hackers around the world. Make no mistake, they still get attacked with regularity, but the hackers have found a new and even more lucrative target: Health Organizations. According to a new report jointly produced by the Ponemon Institute and Merlin International, the medical/healthcare industry suffered nearly a quarter (23 percent) of all the data breaches that occurred in 2017. It gets … Read more
Beware Fake Craigslist Email Could Contain Ransomware
If you post ads on Craigslist for short term employment, be aware that there's a new malspam campaign that aims to distribute Sigma ransomware on the computers of unwary users. By all outward appearances, the emails seem to come from Craigslist in response to ads posted in Craigslist's "Gigs" section for short term employment. The emails will generally express interest in whatever job the user has posted and include a protected Word or RTF document which recipients will assume are … Read more
