Do you use any of the following Chrome browser extensions? Change HTTP Request Header Nyoogle - (a custom logo for Google) Stickies - (a Post-It note for Chrome) Lite Bookmarks If so, you're not alone. These four extensions have a combined user base of more than half a million. Recently, security researchers from ICEBRG (a US cyber-security company) have discovered malicious codes embedded in copies of these on the official Chrome Web Store. The code allows hackers to … Read more
Backdoor In Certain Lenovo Switches Discovered
Does your company utilize either RackSwitch or BladeCenter networking switches? Are those switches running ENOS (the Enterprise Network Operating System)? If so, there's a backdoor in your network you weren't aware of. Even worse, it's been there since 2004. Engineers at Lenovo recently discovered the backdoor in the firmware when they conducted an internal security audit. These products were added to the company's portfolio via acquisition from Nortel, and Lenovo only just became aware … Read more
Vulnerabilities Found In Some GPS Services
A duo of researchers stumbled across a series of vulnerabilities in literally hundreds of GPS services that leave sensitive GPS tracking data open to hackers. Dubbed "Trackmageddon" by the researchers, the vulnerabilities span a range of weaknesses that include default or easy-to-guess passwords, IDOR (Insecure Direct Object Reference) issues, insecure API endpoints, and data collection folders that are entirely unsecured. The reason so many different tracking services are impacted is that … Read more
Electronic Device Search Rules Better Defined By US Customs
There's a constant tug of war playing out on the national stage. On one side, privacy advocates are pushing for greater autonomy for end users, and hard limits to the types of searches that law enforcement agencies are allowed to conduct. On the other side are the government agencies themselves, which often cite national security concerns as the justification for more and easier access to the sensitive data contained on personal devices like laptops and smartphones. Generally speaking, … Read more
New Wifi Standard WPA3 May Be Coming
Remember the KRACK WiFi (WPA2) vulnerability, discovered by Mathy Vanhoef? It turns out that his discovery was a catalyst for action. Recently, the WiFi Alliance, which is the industry's standards organization, released details about its new WPA3 protocol. Here's a quick rundown of the changes you can expect to see in the months ahead: Enhancements in encryption capabilities - The new protocol will enable encrypted connections between connected devices and the router/access point, and … Read more
Better Parental Controls Underway For Apple Devices
Recently, a group of investors wrote an open letter to Apple, urging the company to do more in regards to offering better and more robust parental controls on the devices the company makes. Although the group of investors control some $2 billion in Apple stock, this is a drop in the proverbial bucket, given the company's $900 billion market cap. Nonetheless, the letter seems to have gotten Apple's attention. In a statement published in the Wall Street Journal, the company said: "We think … Read more
Select HP Laptop Models Recalled Over Battery Issue
Did you purchase an HP laptop between December of 2015 and December of 2017? If so, then you may have problems. The US Consumer Product Safety Commission has been made aware of eight instances where HP battery packs overheated, charred, or melted, creating a worrisome fire hazard that has gotten the attention of user groups scattered all over the internet. It also got the attention of HP itself, and the company recently announced "a worldwide voluntary safety recall and replacement … Read more
Weird Sounds Coming From Your Speakers? Could Be A Hacker
Have you been hearing strange, otherworldly sounds on your Bose or Sonos speakers? If so, rest assured that your speakers aren't haunted. They've likely been hijacked by hackers. Researchers at Trend Micro have confirmed that some models (the Sonos Play:1, the Sonos One and the Bose SoundTouch) of both brands of speakers are vulnerable to hacking if the speaker is connected to a misconfigured network. If the hackers find such a speaker, they can take control of the speaker and direct to … Read more
Sound Waves May Be Used In Future Hard Drive Attacks
Another week, another attack vector, and this one deserves extra points for creativity. New research has proved the viability of using something as simple and innocuous as sound waves to disrupt the normal functioning of HDDs, which can be used to sabotage a wide range of equipment from Pcs, to CCTV systems, ATMs and more. Researchers have toyed with, and been aware of the possibility of using sound waves to disrupt the normal functioning of an HDD for more than a decade, but the most … Read more
Nvidia Dropping Driver Support For Older Operating Systems
AMD long ago dropped support of 32-bit operating systems, and now, Nvidia is following suit. The long-anticipated move by the company will mean the end of driver support for the 32-bit builds of Windows 7, Windows 8, Windows 8.1, Windows 10, Linux and FreeBSD. Nvidia is taking a balanced, responsible approach here. The company has pledged to continue offering 32-bit driver security updates until January 2019, but will immediately discontinue making performance updates to the drivers of older … Read more
