The "Spectre" vulnerability that impacts literally every Intel chip made over the last decade keeps finding new ways to make the news. In this instance, researchers at Ohio State University have discovered a new variant of the vulnerability that they have dubbed "SGX Spectre." To understand how it's different, a bit of explanation is in order. SGX stands for "Software Guard eXtensions," and is a feature only found in the latest Intel processors. It allows applications to create "data … Read more
Another 2.4 Million Users Hacked In Equifax Breach
It looks like it's going to be another bad month for Equifax. The company just can't seem to get out of its own way. In 2017, the company announced a massive data breach that (it initially claimed) impacted some 140 million users. Several months after the official announcement, the company was forced to revise the number of impacted users upward, as the forensic investigation into the breach continued. Now, the company has announced a further upward revision of 2.4 million, bringing the … Read more
Mi-Cam Baby Monitor Video Feeds Vulnerable To Hacking
Do you have a Mi-Cam in your home? Even if you don't have kids, you may have one. They're a highly popular, inexpensive means of keeping tabs on the comings and goings inside your home when you're not around. As with so many such devices these days, users have the option of installing either an Android or iOS app on their phones so they can peek in remotely, any time they like, and therein lies the problem. It's no secret that the IoT is filled with "smart" devices that don't live up to … Read more
Intel Releases New Patch For Spectre Chip Issue
By now, you've probably heard more than you ever wanted to hear about the critical Intel security flaw known as "Spectre." The flaw is massive in scope and scale, impacting every chip that Intel has released over the past decade, and if exploited, would allow a hacker to take complete control over the vulnerable system. Needless to say, once discovered, the company got to work right away on a fix for the issue. Unfortunately, there were problems. Whatever form the fix ultimately took, it … Read more
Google Calls Out Microsoft For Security Issue
Depending on who you ask, Google's Project Zero is either the thing that's going to singlehandedly save the internet, or the bane of many companies' existence. It's easy to see both sides of the argument. On one hand, by uncovering previously undiscovered bugs in all manner of software and handing that information over to the authors, Google is undeniably performing a valued public service. The problem has never been with the "carrot" side of the equation, always with the stick. The … Read more
Android Ransomware Infections Declined in 2017
Android users have a reason to cheer. According to the latest report by ESET, the number of ransomware attacks targeting Android devices declined in 2017. The decline represents a bit of an anomaly, given that in 2017, the most common type of malware attack (by a wide margin) was ransomware. Given that security researchers can't name a particular reason for the decline, it's important not to read too much into the data. Whether there are declining figures or not, ransomware attacks still … Read more
New Apple Update Available for Character Bug Solution
Recently, another "exotic character" bug was found in iOS. If someone sends this particular character (a special character that's part of the Indian language pack) to your phone via any messaging app, it will not only crash your phone, but cause a variety of messaging apps to stop functioning. When the bug was initially reported, Apple treated it as a somewhat low priority item and announced their plan to fix it with the release of iOS 11.3 later this spring. The company's loyal user base, … Read more
IRS Labeled Email Could Contain Ransomware
There's a new strain of the "Rapid Ransomware" making the rounds, and because of how it's being transmitted, it's destined to have a higher than average rate of infection. The new strain was first discovered by Derek Knight. It is disturbing because it claims to come from the IRS, and will feature subject lines like "IRS Urgent Message-164." The body of the email then goes on to say that the recipient owes some amount of money in real estate taxes, and "helpfully" includes instructions for … Read more
Changes To Google Images Will Make Image Theft Difficult
Image theft is one of the biggest problems on the internet. If you're a photographer, you've almost certainly lost money because people find your work online and make a copy of it rather than paying for the right to use it. Unfortunately, Google has made that incredibly easy to do, but that's changing. Until recently, if you did a Google image search, you'd get a list of images that matched your search phrase, and one of the buttons displayed was a "View Image" button that would take you to … Read more
Vulnerability Found In Popular Grammar Checker
On February 2, Tavis Ormandy, a researcher on Google's Project Zero team discovered a critical flaw in the popular online grammar checking app, "Grammarly." Tens of millions of users make regular use of the app to improve the quality of their writing. The bug allowed a hacker to steal a Grammarly user's authentication token and use that token to log on and access every document they've run through the Grammarly system. This along with that user's history, logs and other data. They were able to … Read more
