In recent months, Microsoft Word has been getting a fair amount of bad press, thanks to an old-but-still-supported feature called DDE (Dynamic Data Exchange). This is the feature that allows Word to pull data from other MS Office applications. For instance, if you embed a chart into your Word document, each time you open the doc, it will automatically poll the spreadsheet the chart was created from an update it dynamically. It's a good feature, but unfortunately, it's subject to abuse by … Read more
DirecTV Genie DVR May Have A Major Vulnerability
If you have a Genie DVR system, you should be aware of a major security flaw in the firmware that could allow a hacker to take complete control over the device. At issue is the equipment offered by AT&T as part of their free DireTV WVB Kit. Researchers of the ZDI initiative and Trend Micro discovered a zero-day vulnerability in one of the core components of the system, Linksys WVBR0-25, which is a Linux-powered wireless video bridge. It is this bridge that allows customers to connect up … Read more
Adobe, Target & Snapchat. Is Your Company at Risk?
It feels as though every time you turn on the news, there's a story about a company being hacked. If it's happening to companies like Target and Adobe, then it could certainly happen to your company. That is why security and protection are key for having a successful business. What can a security breach do to your company? A major data breach, such as Target's, can cause significant damage to your company financially. It not only costs you thousands of dollars, but it also ruins your company's … Read more
Data On 123 Million US Households Leaked Online
Security researchers at UpGuard recently made a terrifying discovery in finding an unprotected Amazon S3 server containing several databases belonging to a data analytics provider called Alteryx. While the server contained a variety of databases, the two that are of biggest concern belonged to Alteryx's business partners, Experian and the US Census Bureau. Of these, far and away the most damaging database was the one belonging to Experian. As a credit reporting agency, Experian has access … Read more
USB Drives Could Be Huge Factor In Data Loss, Theft
Most people agree that the use of USB drives increases efficiency and boosts productivity, which goes a long way toward explaining their popularity, but these handy little drives can also be problematic. According to a recently published survey by Apricorn, 87 percent of employees surveyed report that they have lost or had a USB drive stolen and failed to notify their employer. Worse, 80 percent of employees surveyed reported using non-encrypted USB drives that they've often acquired for free … Read more
Popular Android Keyboard App Collected Private Information, Has Been Breached
How many apps do you have on your smartphone? Do you know how much data they're collecting about you? Most people have scores of apps installed (and often hundreds), even if they only use a few on a regular basis, and shockingly, most users have no idea just how much information those apps are collecting about them. However much you imagine, the answer is probably "more." This point was driven home painfully, courtesy of a recent discovery by a team of researchers at the Kromtech … Read more
Large Number Of HP Models May Have Keyloggers
HP is in the news again. If you missed the initial story, earlier in the year, it was reported that an audio driver that came pre-installed on a number of HP laptops contained keylogging code that stored every keystroke made by the person using the machine to a human-readable file. Once discovered, HP issued a patch that removed the keylogging function and deleted the data file. Now, an independent security researcher going by the name "ZwClose" has discovered more built-in keyloggers in 460 … Read more
New Facebook Messenger App For Kids Raises Privacy Questions
On the surface, the new Facebook For Kids messenger app looks like a solid win that should put the minds of parents all over the world at ease. The company conducted extensive interviews and assembled a Blue-Ribbon panel of experts to help them craft the new tool, aimed at children ages 6-12. The app itself is user-friendly and filled with bright, cheerful primary colors that appeal to kids, but there are problems, or, at the very least, valid concerns. For one thing, Facebook has made no … Read more
Files Containing Nearly 1.5 Billion Passwords Leaked On The Internet
Researchers from the security firm 4iQ have made a disturbing discovery on the dark web. A massive repository has been discovered that contains a staggering 1.4 billion usernames and passwords in plain text. The repository is well organized, with each letter of the alphabet having its own directory to facilitate rapid search, and 4iQ has tested a subset of the data it contains and found an alarming percentage of the usernames and passwords to be viable. It should be noted that this data … Read more
New “MailSploit” Allows Email Spoofing
Phishing attacks just got a whole lot easier. A German security researcher named Sabri Haddouche has recently discovered a set of email vulnerabilities that have been collectively dubbed "Mailsploit." At the root, these vulnerabilities stem from the way most email systems interpret addresses encoded with a 1992 standard called RFC-1342. The standard is that all information in an email header must be an ASCII character. If a non-ASCII character is encountered, it gets converted. … Read more
