We've known for some time now that the next big crisis the internet will have to come to grips with is the dramatic rise of the Internet of Things (IOT). The problem isn't with the devices themselves, which are enormously helpful and rapidly growing in their popularity. Rather, it lies in the fact that the overwhelming majority of IoT manufacturers have been notoriously lax when it comes to building even basic security protocols into the goods they make and sell. The lack of security and … Read more
New Google Chrome Feature Created For Better Password Security
Google is taking yet another important step to help save us from ourselves. The company is releasing a complete redesign of their Chrome browser, which is exciting. There's one feature in particular, however, that bears taking a special look at. Perhaps the most significant change to the browser is the addition of a new password manager, which will offer to generate a random password when you sign into a website for the first time. The randomly generated password will be securely tucked away … Read more
SmartHome Users Aren’t Keeping Up With Security Updates
The Internet on devices continues to be a major problem when it comes to security. Unfortunately, a big part of the reason why comes down to end users. Recently, Bitdefender released a new report entitled "The IoT Threat Landscape And Top Smart Home Vulnerabilities in 2018," and it paints a grim picture indeed. The average home now contains twenty smart devices, and most of them contain security vulnerabilities. 95 percent of those vulnerabilities reside in the firmware. While the majority … Read more
Tech Support Scammers Are Advertising Online
Tech Support scams are nothing new, but they are getting increasingly sophisticated. Worse, tech giants like Google are finding it notoriously difficult to detect them. A report recently released by the venerable data security firm, Symantec, indicates that tech support scammers are increasingly integrating call optimization into their schemes, which allows them to insert phone numbers into web pages dynamically. Among other things, this allows the scammers to display the phone number of … Read more
New Versions Of Ransomware Continue To Wreak Havoc
2017 was "The Year of Ransomware." It saw an incredible number of ransomware attacks and infections, paired with a tremendous number of innovations. Although 2018 hasn't seen quite the same level of ransomware activity, it's still a major threat with one company coming under attack about every ten minutes. Although there haven't been as many innovations so far this year, that doesn't mean they're not occurring, and some of the new ransomware strains are particularly nasty. Of interest, … Read more
Hackers Now Targeting Point Of Sale Systems
There's a new threat to point of sale (POS) systems coming out of Russia, according to security researchers from Booz Allen Hamilton. The malware, which they're calling "RtPOS" isn't bleeding edge technology, and does not approach the level of sophistication of other recently discovered strains, but that doesn't mean it should be taken lightly. These strains include RawPOS, MajikPOS, UDPOS, and Treasure hunter. In its current incarnation, it has a limited feature set and is basically a RAM … Read more
Hackers Can Use PDF Files To Access Windows Credentials
Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack. He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes. Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information. Baharav used the same methodology that hackers have used in the past, which amounts to instantiating SMB requests from inside the document. Hackers have … Read more
Hackers Zone In On Microsoft Products To Attack
Congratulations to Adobe Flash Player for not being the software most targeted by hackers. Security vendor "Recorded Future" has just published their annual list of the software hackers most commonly focus on when targeting computers and handheld devices for attack. For the last several years, Adobe's Flash Player has topped the list, but this year they have been dethroned. Microsoft now has the embarrassing honor. There are multiple Microsoft programs on this year's list, with some of them … Read more
Another 2.4 Million Users Hacked In Equifax Breach
It looks like it's going to be another bad month for Equifax. The company just can't seem to get out of its own way. In 2017, the company announced a massive data breach that (it initially claimed) impacted some 140 million users. Several months after the official announcement, the company was forced to revise the number of impacted users upward, as the forensic investigation into the breach continued. Now, the company has announced a further upward revision of 2.4 million, bringing the … Read more
IRS Labeled Email Could Contain Ransomware
There's a new strain of the "Rapid Ransomware" making the rounds, and because of how it's being transmitted, it's destined to have a higher than average rate of infection. The new strain was first discovered by Derek Knight. It is disturbing because it claims to come from the IRS, and will feature subject lines like "IRS Urgent Message-164." The body of the email then goes on to say that the recipient owes some amount of money in real estate taxes, and "helpfully" includes instructions for … Read more
