Do you have a Mi-Cam in your home? Even if you don't have kids, you may have one. They're a highly popular, inexpensive means of keeping tabs on the comings and goings inside your home when you're not around. As with so many such devices these days, users have the option of installing either an Android or iOS app on their phones so they can peek in remotely, any time they like, and therein lies the problem. It's no secret that the IoT is filled with "smart" devices that don't live up to … Read more
Intel Releases New Patch For Spectre Chip Issue
By now, you've probably heard more than you ever wanted to hear about the critical Intel security flaw known as "Spectre." The flaw is massive in scope and scale, impacting every chip that Intel has released over the past decade, and if exploited, would allow a hacker to take complete control over the vulnerable system. Needless to say, once discovered, the company got to work right away on a fix for the issue. Unfortunately, there were problems. Whatever form the fix ultimately took, it … Read more
New Apple Update Available for Character Bug Solution
Recently, another "exotic character" bug was found in iOS. If someone sends this particular character (a special character that's part of the Indian language pack) to your phone via any messaging app, it will not only crash your phone, but cause a variety of messaging apps to stop functioning. When the bug was initially reported, Apple treated it as a somewhat low priority item and announced their plan to fix it with the release of iOS 11.3 later this spring. The company's loyal user base, … Read more
IRS Labeled Email Could Contain Ransomware
There's a new strain of the "Rapid Ransomware" making the rounds, and because of how it's being transmitted, it's destined to have a higher than average rate of infection. The new strain was first discovered by Derek Knight. It is disturbing because it claims to come from the IRS, and will feature subject lines like "IRS Urgent Message-164." The body of the email then goes on to say that the recipient owes some amount of money in real estate taxes, and "helpfully" includes instructions for … Read more
40 Percent Of All Login Attempts Are From Bots
Here's a statistic that is as disturbing as it is frustrating. According to the latest "State of the Internet/Security" report for the fourth quarter of 2017, as published by Akamai, bot-traffic accounts for a staggering 43 percent of all login attempts. As bad as that figure is on its face, it's far worse for companies in the hospitality industry, where the figure is an almost unbelievable 82 percent. The reason? Hackers are increasingly using bots to perform "credential stuffing" … Read more
Blizzard Games Vulnerability Could Leave Gamers Open To Hacking
Do you play Blizzard online computer games such as World of Warcraft, Diablo III, Hearthstone, Starcraft II, or Overwatch? If so, there's a potential problem you need to be aware of. Tavis Ormandy, a researcher on Google's Project Zero team, recently discovered that the Blizzard Update Agent is vulnerable to hacking, via a technique known as "DNS Rebinding." The update agent is designed to accept commands to install, uninstall, change settings, update and perform other maintenance … Read more
2 Million Credit Cards Stolen From Popular Sandwich Shop
By now, we've seen enough large-scale Point of Sale (POS) credit card thefts that patterns are beginning to emerge. Some companies follow the general arc of the narrative better than others and deserve credit for doing so, but in the end, the story is about the same. That's certainly the case with Jason's Deli. Recently, they discovered RAM-scraping malware on a number of their POS terminals. This has happened at a total of 164 of their locations, scattered across 14 states. During the … Read more
Mac Computers Battling New Malware For Hijacking DNS
It's official, the first macOS malware of 2018 is here. Discovered by an independent security researcher and dubbed "OSX/MaMi," the code is functionally similar to DNSChanger malware. The researcher posted his findings on the Malwarebytes forum and none other than Patrick Wardle (an ex-NSA hacker) analyzed it, having this to say: "OSX/MaMi isn't particularly advanced - but does alter infected systems in rather nasty and persistent ways. By installing a new root certificate and hijacking … Read more
Use Of Bots Has Increased Fake Account Creations
The ThreatMetrix Cybercrime Report 2017 is out, and is a troubling read for anyone who has anything to do with data security. As a fraud prevention company protecting nearly a billion and a half users around the world, they're uniquely positioned to know, and their insights on the threat landscape is invaluable. Their main finding is that hackers, scammers and fraudsters are moving away from using stolen debit and credit cards, given that these things have such a short shelf life. On the … Read more
Backdoor In Certain Lenovo Switches Discovered
Does your company utilize either RackSwitch or BladeCenter networking switches? Are those switches running ENOS (the Enterprise Network Operating System)? If so, there's a backdoor in your network you weren't aware of. Even worse, it's been there since 2004. Engineers at Lenovo recently discovered the backdoor in the firmware when they conducted an internal security audit. These products were added to the company's portfolio via acquisition from Nortel, and Lenovo only just became aware … Read more
