The Internet on devices continues to be a major problem when it comes to security. Unfortunately, a big part of the reason why comes down to end users. Recently, Bitdefender released a new report entitled "The IoT Threat Landscape And Top Smart Home Vulnerabilities in 2018," and it paints a grim picture indeed. The average home now contains twenty smart devices, and most of them contain security vulnerabilities. 95 percent of those vulnerabilities reside in the firmware. While the majority … Read more
Another Chrome Extension Is Stealing Passwords
Do you use the Chrome browser extension for the MEGA file storage service? If you do, please read this article carefully. The official extension for that service has been compromised. It has been replaced with a malware version that has the capability to steal user login data for a number of popular websites, including Github, Google, Amazon, Microsoft and more. The extension was compromised on September 4th, when an unknown attacker breached MEGA's Chrome Web Store account and uploaded the … Read more
Air Canada Customers May Have Had Their Data Exposed
If you fly Air Canada and use their mobile app, it may be time to change your password. The company recently announced that between August 22nd and August 24th of this year, they detected "unusual log-in behavior," and that a small fraction (some 20,000) of their 1.7 mobile app users may have had their data compromised as a result. The company stressed that no credit card information was compromised, but that doesn't make the breach much less damaging. The exposed data … Read more
Tech Support Scammers Are Advertising Online
Tech Support scams are nothing new, but they are getting increasingly sophisticated. Worse, tech giants like Google are finding it notoriously difficult to detect them. A report recently released by the venerable data security firm, Symantec, indicates that tech support scammers are increasingly integrating call optimization into their schemes, which allows them to insert phone numbers into web pages dynamically. Among other things, this allows the scammers to display the phone number of … Read more
Hacker Requests For Wire Transfers Are Topping Email Scams
Business Email Compromise (BEC) attacks are a major threat, costing business nearly three billion dollars a year. This form of attack primarily targets the C-Suite in order to impersonate them. In the world of BEC attacks, those that employ requests for wire transfers are almost devastatingly effective. Asaf Cidon, the Vice President of Content Security at Barracuda Networks, explains why: "Criminals use business email compromise attacks to obtain access to a business email account … Read more
New Versions Of Ransomware Continue To Wreak Havoc
2017 was "The Year of Ransomware." It saw an incredible number of ransomware attacks and infections, paired with a tremendous number of innovations. Although 2018 hasn't seen quite the same level of ransomware activity, it's still a major threat with one company coming under attack about every ten minutes. Although there haven't been as many innovations so far this year, that doesn't mean they're not occurring, and some of the new ransomware strains are particularly nasty. Of interest, … Read more
Most Small Businesses Can’t Recover From Cyber Breaches
A new study recently published by Sitchfast Technologies paints a grim picture of the threat landscape for small and medium-sized business. Their key finding? A staggering 60 percent of small businesses that suffer a data breach of any magnitude go out of business within six months. Worse, one business owner in three does not have a plan or safeguards in place to prevent a breach. The single biggest weak link in the small business landscape is the fact that most employees who work for smaller … Read more
Vulnerability Found In Major Manufacturers Of Android Phones
Researchers operating out of the University of Florida, Stony Brook University and Samsung Research America have made a disturbing discovery. Millions of Android smartphones manufactured by eleven different OEMs (Original Equipment Manufacturers) were found to be vulnerable to attack via AT Commands. If you're not sure what an "AT Command" is, you're not alone. Part of the Hayes Command Set, ATtention Commands were developed in the early 1980s and designed to be transmitted via phone lines to … Read more
Hackers Now Targeting Point Of Sale Systems
There's a new threat to point of sale (POS) systems coming out of Russia, according to security researchers from Booz Allen Hamilton. The malware, which they're calling "RtPOS" isn't bleeding edge technology, and does not approach the level of sophistication of other recently discovered strains, but that doesn't mean it should be taken lightly. These strains include RawPOS, MajikPOS, UDPOS, and Treasure hunter. In its current incarnation, it has a limited feature set and is basically a RAM … Read more
Hackers Make More Money Than Is Spent On Cybersecurity
Quick question - how much do the world's cyber criminals make every sixty seconds? If you guessed a quarter of a million dollars, you'd be wrong. If you doubled that value, you'd be wrong again. According to research conducted by RiskIQ, cybercriminals are raking in a cool million dollars per minute, compared with businesses spending $171,233 per minute on security measures. It's a lopsided battle, and businesses aren't winning. Some other interesting tidbits culled from the company's … Read more