Users of Apple tech have a new reason to worry. A security researcher named Sabri Haddouche, who works for an instant messaging app called "Wire," has published a proof of concept web page. It contains a fatal exploit that can crash and restart iPhones, iPads and any Mac. Essentially then, the entire Apple ecosystem is vulnerable. Worse, the security flaw can be exploited using nothing more than CSS and HTML code. The flaw resides in Apple's WebKit, which is its web rendering engine used … Read more
Archives for September 2018
Popular NAS Device May Easily Be Compromised
Western Digital has a big problem, and if you use the company's "My Cloud" network-attached storage (NAS) storage devices, you've got one too. The WD My Cloud service is enormously popular because it's so convenient, allowing both business owners and individuals to store their files, perform periodic backups, and of course, access their data from anywhere in the world. Recently, security researchers have discovered an authentication bypass vulnerability that could allow an attacker to gain … Read more
Malware Reports Continue To Rise
We've known for some time now that the next big crisis the internet will have to come to grips with is the dramatic rise of the Internet of Things (IOT). The problem isn't with the devices themselves, which are enormously helpful and rapidly growing in their popularity. Rather, it lies in the fact that the overwhelming majority of IoT manufacturers have been notoriously lax when it comes to building even basic security protocols into the goods they make and sell. The lack of security and … Read more
Your Business Email Is Highly Targeted For Attacks
There's a new report out, authored by ProofPoint, and its findings for business are grim. It's no secret that businesses of all shapes and sizes are coming under increasing fire from hackers around the world. Now we have hard data that shows us exactly how big of an increase we're seeing. Here are some of the key findings in the report: Email fraud attacks targeting businesses have increased 25 percent in the last quarter alone They have increased by a staggering 85 percent from … Read more
New Google Chrome Feature Created For Better Password Security
Google is taking yet another important step to help save us from ourselves. The company is releasing a complete redesign of their Chrome browser, which is exciting. There's one feature in particular, however, that bears taking a special look at. Perhaps the most significant change to the browser is the addition of a new password manager, which will offer to generate a random password when you sign into a website for the first time. The randomly generated password will be securely tucked away … Read more
SmartHome Users Aren’t Keeping Up With Security Updates
The Internet on devices continues to be a major problem when it comes to security. Unfortunately, a big part of the reason why comes down to end users. Recently, Bitdefender released a new report entitled "The IoT Threat Landscape And Top Smart Home Vulnerabilities in 2018," and it paints a grim picture indeed. The average home now contains twenty smart devices, and most of them contain security vulnerabilities. 95 percent of those vulnerabilities reside in the firmware. While the majority … Read more
Microsoft Outlook is Rolling Out New Design Changes
Microsoft is making some long overdue and welcome changes to Outlook to include the Windows and the Web-based version. People who use either one will now see a "Coming Soon" option that allows users to toggle between the version they've got now, and the new and improved version with the changes. As to those changes, they fall broadly into three groups: Better Organization - The improved Outlook offers intelligent technology, specialized icons, visual changes and a "highlights" feature … Read more
Microsoft Allowing More Time For Major Windows 10 Updates
Microsoft has been making two major Windows 10 releases every year, giving businesses 18 months before they need to move to the next update. This plan and schedule is part of the company's "Windows as a service" paradigm, designed to ensure that Windows 10 gets new features, as opposed to the company's former practice of a new Windows release every three years. In most respects, the new paradigm has to be regarded as the superior approach, but unfortunately, the pace is a bit too fast for … Read more
Another Chrome Extension Is Stealing Passwords
Do you use the Chrome browser extension for the MEGA file storage service? If you do, please read this article carefully. The official extension for that service has been compromised. It has been replaced with a malware version that has the capability to steal user login data for a number of popular websites, including Github, Google, Amazon, Microsoft and more. The extension was compromised on September 4th, when an unknown attacker breached MEGA's Chrome Web Store account and uploaded the … Read more
Name Of Utility Company That Leaked Information Just Released
In 2016, an unnamed US energy company left some 30,000 records (containing information about its security assets) exposed for more than two months (a total of 70 days), in violation of energy sector cyber security regulations. When the incident was initially reported, the name of the company was withheld. That company has now agreed to a $2.7 million-dollar settlement, and its name has now been made public, along with some additional details about the incident. Initially, the company … Read more