What's old is new again. Hackers have recently begun re-deploying a decade-old trick called 'ZeroFont' to get around Microsoft's security filters and deliver phishing and spam emails to Office 365 email accounts. The gimmick? Zero-point fonts. As anyone with even passing familiarity to Office 365 knows, if you're drafting a document, you can change the font size to suit your tastes and preferences. What few people realize is that you can use html code to set your font to zero-point … Read more
Archives for June 2018
Majority Of Web Apps Found To Have Security Vulnerabilities
How many web apps do you have on your phone? Probably a ton. Here's something you likely didn't know. Based on the latest research from Positive Technologies, nearly half of them (48 percent) are vulnerable to unauthorized access. As bad as that is, it's just the tip of the proverbial iceberg. Here are some additional disturbing stats from their report : 44 percent of the apps with vulnerabilities place the user's personal data at risk 70 percent are prone to leak critical … Read more
Google Cracking Down On 3rd Party Browser Extension Installs
Malicious code can wind up on your PC or phone by any number of roads. Companies do their best to guard the digital passes, but invariably, things get missed and the hackers find a way in. It's a constant battle, and sadly, one that the good guys are losing. Recently Google has stepped up its efforts, this time by focusing on Chrome browser extensions installed by third parties. By the end of the year, no extensions will be allowed on Chrome except for those acquired via the Web … Read more
Another Vulnerability Found In Intel CPU’s
More bad news for Intel. Yet another security flaw has been identified in the processors the company makes. This one is so newly discovered that the full technical details have yet to be released. Here's what we know so far, from a recent Intel announcement: "System software may opt to utilize Lazy FP state restore instead of eager save and restore of the state upon a context switch...Lazy restored states are potentially vulnerable to exploits where one process may infer register values of … Read more
G-Mail Users Will Soon Have To Use New Design
Change is coming, and not everyone is happy about it. Recently, Google redesigned its G-mail interface, and since then, they've allowed their free users to opt into the new changes. G-Suite users may or may not see the option to try the new interface, depending on whether their administrators have enabled the option and made it visible. The company just announced that beginning in July, 2018, administrators will be required to give all users the ability to opt into the new interface. Then, … Read more
Yahoo Messenger Will Shut Down In July
It's the end of the line for Yahoo Messenger. As of July, it will be no more, marking the end of an era. The announcement comes just six months after AIM (the old AOL messaging program) was shut down. The first major messaging programs from the early days of the internet will soon be a thing of the past. Users will have six months to download their chat histories from Yahoo Messenger. If they haven't gotten what they need by then, they'll lose their chance forever. It probably won't … Read more
Some Private Posts On Facebook May Have Been Exposed
Facebook is in hot water again. Recently, the company admitted that while testing a new feature on the site, they inadvertently made public the posts of more than fourteen million users. The incident occurred between May 18th and May 22nd and occurred when Facebook was testing a new "Featured Posts" enhancement. The goal was that users could selectively make posts visible to everyone. Unfortunately, the error created a situation where any posts users in the test group made were … Read more
New InvisiMole Malware Turns Your System Into A Video Camera
Another week, another new threat. This time, in the form of a new strain of malware that researchers are calling InvisiMole. The new threat was discovered by researchers at ESET, who found it on a number of hacked computers in Russia and the Ukraine. While the researchers have yet to trace the software back to the group that developed it, based on the available evidence, the campaign appears to be tightly targeted and highly selective. Only a few dozen computers have been found to be … Read more
Microsoft Ending Forum Support For Older Operating Systems
Big changes are coming from Microsoft starting in July (exact date unknown), and it has potentially dire implications if you're using some of the company's older technology. Microsoft announced that in July, they'll no longer provide forum-based support for a wide range of products and software, including: Microsoft Band Zune Surface Pro Surface Pro 2 Surface RT Surface 2 Microsoft Security Essentials Internet Explorer 10 Office 2010 Office 2013 Windows … Read more
Attackers Targeting Job Seekers Via Listings And Recruitment
Cyber-criminals around the world are increasingly focusing their attention on job seekers. According to the security firm Flashpoint, there has been a notable uptick in ploys involving phony job listings that attempt to get job seekers to give up personal information. Perhaps the biggest surprise is the fact that this is only now becoming a growing threat. After all, from the cyber-criminal's point of view, it's low hanging fruit. Job seekers expect that they'll be asked for all types of … Read more