Researchers at Preempt Security recently discovered a critical flaw in Microsoft's Credential Security Support Provider protocol (CredSSP for short) that impacts every version of Windows in existence. It could allow a hacker to remotely exploit Windows Remote Desktop to execute malicious code and steal any data stored on the machine. The flaw, logged as CVE-2018-0886 would allow a hacker to execute a man in the middle attack, (provided that they had Wi-Fi or physical access to the machine) … Read more
RottenSys Malware Has Infected 5M Android Devices Since 2016
There's a new threat on the horizon, according to security researchers from Check Point. A group of hackers in China are busy building a massive botnet that so far, totals almost five million Android smartphones. The hackers are quietly taking control of these devices using a strain of malware known as "RottenSys." While the malware is flexible and can be adapted to any number of purposes, in its present incarnation, it's being used to display copious numbers of advertisements. This … Read more
Google Changing Name Of Android Wear Without Updates
Wearable computing devices from smart watches to glasses are struggling to find an audience, and Google's Android Wear operating system hasn't gotten much love in recent years. It has weakened as major players in the tech space have struggled to find a market for these products. On the face of it, these products would seem to be wildly popular, but still haven't quite captured the imaginations of a critical mass of the consuming public. Google's recent announcement that it was rebranding … Read more
Intel Taking Additional Steps To Prevent Security Flaws
By now, you've almost certainly heard of "Spectre," one of two recently discovered security flaws that impact every chip made by Intel in the last ten years. The story of Spectre, and Intel's response to it has been an interesting one. In response to the flaw's discovery, Intel rushed a firmware patch, but quickly had to take it back and recommend that users not install it, because it created as many problems as it solved. Intel has since released a better, more stable patch, but hasn't … Read more
Massive Malware Attack Stemmed From Bittorent App
According to a Microsoft security researcher, a massive malware attack attempted to install a cryptocurrency mining software on more than 400,000 computers in less than twelve hours. The failed campaign is noteworthy because of the attack vector used. It was a supply chain attack implemented by compromising Bittorrent, a highly popular program used to share and download files. Until recently, security professionals discounted the very possibility of supply chain attacks, regarding them as … Read more
New Freemium Offer Mines Cryptocurrency
Freemium software is certainly nothing new. They are free apps that offer premium features if you don't mind ads displaying while you're using it or paying a small fee to have the ads removed. At least one company is trying a new business model on for size, albeit with limited success. The company is Qbix, and their freemium app is called "Calendar 2." It's a solid calendar app with more features than Apple's default app, and the Qbix offers its users premium features if they're willing to … Read more
New Chips Support Increased Network Speeds To 400Gbps
Marvell Semiconductor has a new product out, and it's a game changer. Their new "Alaska" chip (the Alaska C 88x7120) is the first on the market to support the new 802.3 standard. The 802.3cd is on tap to eventually replace current Ethernet ports running at 25Gbps to 100Gbps with ports that will run at 50Gbps, 200 Gbps, and 400 Gbps. The future is now. Granted, the Alaska chips aren't for sale just yet, but they are sampling to customers ("Sampling" in the chip world is akin to beta … Read more
Attacks on Health Organizations Increasing At Alarming Rate
It used to be the case that credit card companies and retail outlets were the primary targets of hackers around the world. Make no mistake, they still get attacked with regularity, but the hackers have found a new and even more lucrative target: Health Organizations. According to a new report jointly produced by the Ponemon Institute and Merlin International, the medical/healthcare industry suffered nearly a quarter (23 percent) of all the data breaches that occurred in 2017. It gets … Read more
Beware Fake Craigslist Email Could Contain Ransomware
If you post ads on Craigslist for short term employment, be aware that there's a new malspam campaign that aims to distribute Sigma ransomware on the computers of unwary users. By all outward appearances, the emails seem to come from Craigslist in response to ads posted in Craigslist's "Gigs" section for short term employment. The emails will generally express interest in whatever job the user has posted and include a protected Word or RTF document which recipients will assume are … Read more
Windows Media Player May Be Replaced By Microsoft App
A Reddit user named "Noam_ha" recently posted a screenshot displaying a popup message when users open the venerable Windows Media Player (WMP), asking users if they would instead like to open the video file with the company's more modern Movies and TV app. The popup message touts the Movie and TV app's advantages, which includes better battery life if running on a phone or laptop, better compatibility with more modern video formats, a mini-view, and support for 360-degree video on Augmented … Read more
