Researchers at Malwarebytes have discovered a new exploit that allows malicious website owners to use your PC to mine various forms of cryptocurrency, even if you exit the browser window the malicious site was displayed on. The exploit relies on a smart pop-under trick. A code on the website determines your monitor's resolution and places a ghost browser session sitting behind the clock on the MS Windows task bar, where it continues to mine cryptocurrency, utilizing a portion of your CPU's … Read more
Some Computer Manufacturers Are Disabling Intel Chip Firmware
Intel is catching some flak for releasing CPU technology that's filled with security flaws. At issue is Intel's Management Engine (ME), which is designed for Enterprise use and is of no real value on equipment designed for personal or home use. Although many popular PC and laptop manufacturers, including Acer, Panasonic, Lenovo, Fujitsu, HP, and others are selling equipment with Intel ME enabled, so far, three hardware vendors have opted to disable the firmware. These three vendors are … Read more
Ransomware Attackers Are Increasing Their Attacks On Businesses
The ransomware ecosystem is maturing. Strains are divided into "families" and the number of new families that have been discovered in 2017 is half what it was in 2016. Even so, the total number of attacks targeting businesses have risen by 26 percent over last year's totals, according to the latest statistics released by Kaspersky Lab. Rather than inventing wholly new software strains, hackers around the world seem content to modify existing strains, with the number of modifications growing … Read more
Paypal-Owned Company Sees Breach Of 1.6 Million Customers
TIO Networks, a cloud-based, multi-channel bill payment platform purchased by Paypal for $233 million in 2017, was breached earlier this year, exposing PII (Personally Identifiable Information) for an estimated 1.6 million of the service's users. TIO Networks primarily does payment processing and accounts receivables for cable, utility, wireless and telecom companies in North America. If you do business with TIO, it's possible that your company or personal information may have been … Read more
Former Employees Pose Serious Risk To Security
The Department of Health and Human Services' Office for Civil Rights (OCR) has reminded those who deal with PHI and PII of the dangers that terminated employees can pose to system security in their monthly cyber security newsletter. Their advice is as timely as it is excellent, and includes the following: "Making sure that user accounts are terminated so that former workforce members don't have access to data is one important way Identity and Access Management can help reduce risks posed by … Read more
Many Consumers Would Withdraw Business From Companies If Data Breached
You've probably heard the phrase "the customer is always right" a thousand times. It's a truism in the business world, except when it isn't. A recent survey released by Gemalto reveals a dismaying dichotomy that's costing businesses around the world big money. Only 27 percent of consumers surveyed feel that businesses do enough to protect customer data, and an overwhelming 70 percent of them say that they'd take their business elsewhere if a company suffered a data breach. Unfortunately, … Read more
Fake Symantec Blog Post Is Spreading Mac Malware
Sometimes hackers opt for a stealthy approach. Other times, their attempts are downright brazen. That's definitely the case with a newly launched malware campaign that seeks to spread "Proton Mac," a strain of malware designed to steal passwords from Mac users. The hackers registered a domain very similar to Symantec's blog, mirrored its content and then created a fake post about a new version of CoinThief, which was moderately successful back in 2014. After going into a bit of faux … Read more
Bug in macOS Could Allow Hackers Root Access
Do you own a Mac? Is it running Apple's latest macOS, the "High Sierra?" If so, be extra careful with who you allow access to your machine. A security flaw recently discovered by a developer named Lemi Orhan Ergin can easily allow anyone unfettered access to everything on your machine, and by extension, give them an easy "in" to whatever network it's connected to. All they need is physical access. Exploiting this vulnerability is a lesson in simplicity. All a hacker has to do is enter … Read more
A Million Imgur Users Affected By Breach
Do you use the image hosting service, Imgur? If you do, there's a slight chance that you'll be prompted to change your password the next time you log on. That's because the company's servers were breached in 2014, and the hackers made off with 1.7 million usernames and passwords, which represents just a tiny fraction of the company's 150 million users. Although the breach happened a few years ago, the company only found out about it on Thanksgiving Day of this year. Their response was … Read more
Apple Devices Can Get Viruses
Are you under the impression Apple devices are exempt from viruses and hacking? A great deal of Apple users consider Apple systems safer to use than Windows because of the "built-in" security Apple programs into their devices. But Windows operating systems also come with similar existing security to prevent hackers and viruses. So why is there a difference in virus vulnerability? So here's the deal: In their advertising, Apple markets its systems as not needing third-party antivirus … Read more
