Not long ago, observant Reddit users noted and began discussing a curious phenomenon. It appeared that older iPhones were unexpectedly slowing down, and no one could name the reason why. It caught the attention of a number of security researchers who delved more deeply into the issue, including a man named John Poole, who confirmed the Reddit claims. His tests confirmed that on iPhone 6s and 7s, Apple made tweaks to iOS versions 10.2.1 through 11.2.0. These changes are designed to throttle … Read more
2017 List Of Most Used Passwords Released
SplashData has released their latest annual report on the most commonly used passwords. Unfortunately, the more things change, the more they stay the same. By now, everyone knows that the number of hacking attempts and high-profile data breaches is on the rise. Everyone has heard, on more than one occasion, how important it is to not use the same password across multiple web properties, to enable two-factor authentication if and where it is offered and to use passwords that contain a … Read more
Apple Might Be Working On Universal Apps Across Mac, iOS
Apple has been quietly working on something called "Project Marzipan" for a couple of years now, and it appears that they're getting closer to unveiling it. The company seeks to bring its MacOS and iOS platforms closer together by developing universal apps that will work in either environment. This mirrors Microsoft's Universal Windows app strategy, where apps can detect the environment they're running on and adjust their display and navigation accordingly. Project Marzipan presents some … Read more
Windows 10 Third Party Password Manager Could Have Security Issue
Do you use "Keeper?" If you're not sure what it is, then you probably don't. It's a password manager that Microsoft has been bundling with some of its Windows 10 releases. Either way, there's a serious flaw in its design that you should be aware of. Earlier in the year, Tavis Ormandy, a researcher on Google's Project Zero team, discovered a bug that saw Keeper injecting privileged user information into web pages, exposing all manner of private data unnecessarily to website owners. The … Read more
Researchers Find Malware Targeting Industrial Systems
In the malware ecosystem, few strains are more terrifying than those that target industrial control systems. Think Stuxnet, Industroyer and IronGate. Recently, security researchers from FireEye have identified a new threat in this class of malware. Alternately called "Triton" or "TRISIS," this new code targets Triconex Safety Instrumented Systems (SIS) controllers, which are manufactured by Schneider Electric. These control systems are found in a wide range of industrial equipment. They are, in … Read more
Microsoft Word Gets Update To Disable DDE After Malware Concerns
In recent months, Microsoft Word has been getting a fair amount of bad press, thanks to an old-but-still-supported feature called DDE (Dynamic Data Exchange). This is the feature that allows Word to pull data from other MS Office applications. For instance, if you embed a chart into your Word document, each time you open the doc, it will automatically poll the spreadsheet the chart was created from an update it dynamically. It's a good feature, but unfortunately, it's subject to abuse by … Read more
DirecTV Genie DVR May Have A Major Vulnerability
If you have a Genie DVR system, you should be aware of a major security flaw in the firmware that could allow a hacker to take complete control over the device. At issue is the equipment offered by AT&T as part of their free DireTV WVB Kit. Researchers of the ZDI initiative and Trend Micro discovered a zero-day vulnerability in one of the core components of the system, Linksys WVBR0-25, which is a Linux-powered wireless video bridge. It is this bridge that allows customers to connect up … Read more
Always Connected Laptops Could Be The Next Generation Of Hardware
What's the next big thing for the PC world? If the industry's major players have anything to say about it, it will be the "always-on" PC. Forget about plugging into your company's network. Forget about free WiFi Hotspots. With an always-on PC, you won't have to worry about either. If they're not available, your PC can connect via the same cellular data network your smartphone uses, which means you'll always be just a few mouse clicks away from your data. It sounds fantastic, but there is, … Read more
Data On 123 Million US Households Leaked Online
Security researchers at UpGuard recently made a terrifying discovery in finding an unprotected Amazon S3 server containing several databases belonging to a data analytics provider called Alteryx. While the server contained a variety of databases, the two that are of biggest concern belonged to Alteryx's business partners, Experian and the US Census Bureau. Of these, far and away the most damaging database was the one belonging to Experian. As a credit reporting agency, Experian has access … Read more
Popular Android Keyboard App Collected Private Information, Has Been Breached
How many apps do you have on your smartphone? Do you know how much data they're collecting about you? Most people have scores of apps installed (and often hundreds), even if they only use a few on a regular basis, and shockingly, most users have no idea just how much information those apps are collecting about them. However much you imagine, the answer is probably "more." This point was driven home painfully, courtesy of a recent discovery by a team of researchers at the Kromtech … Read more
