Category:

Microsoft Edge Flaw Lets Hackers Steal Files From Your Computer

Microsoft has fixed a vulnerability in the Edge browser that could be abused against older versions to steal local files from a user’s computer. The good news is that social engineering is involved in exploiting the flaw, meaning the attack cannot be automated at scale, and, hence, present a smaller level of danger to end users. Edge flaw is SOP-related Discovered by Netsparker security researcher Ziyahan Albeniz, the vulnerability involves the Same-Origin Policy (SOP) security feature that all browser support. In Edge, and all other browsers, SOP works by preventing an attacker Continue Reading

Posted On :
Category:

LifeLock Bug Exposed Millions of Customer Email Addresses

Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company. The upshot of this weakness is that cyber criminals could harvest the data and use it in Continue Reading

Posted On :
Category:

Major International Airport’s Security System Found for Sale on Dark Web

The closest many of us get to the dark web is watching hackers surf it in television shows or movies. However, it is a very real place that contains lots of stolen data. This data, along with compromised systems, devices, and more are often sold in underground marketplaces that exist on the dark web. One type of marketplace is called a remote desktop protocol (RDP) shop, which provides access to stolen systems for a small fee. Found in one of these RDP shops by McAfee’s ATR team: a major international airport’s security Continue Reading

Posted On :
Category:

Samsung phones randomly texting photos to contacts

Some Samsung  users are complaining that their smartphones randomly sent photos and scheduled texts to contacts. According to posts on Reddit and Samsung’s official support boards first spotted by Gizmodo, the devices affected include the Galaxy S9 and Galaxy Note 8. Their owners say that Samsung Messages, the default texting app for Galaxy devices, pushed photos and scheduled texts to random contacts, but left no record of the messages being sent. One Reddit user says his Galaxy S9+ sent his entire photo library to a contact in the middle of the night while he was Continue Reading

Posted On :
Category:

Hackers May Be Using Your Phone to Commit Crime

Right now, your mobile phone could be hosting invisible software that’s helping hackers commit crimes across the globe and you’d have virtually no way of knowing it. That’s one of the key findings released today by a team of researchers at Distil Networks, a San Francisco security firm. Data engineers say they made an alarming discovery of bot networks, infecting millions of mobile devices worldwide. While researching customer account abuse and takeovers they suddenly realized that a lot of mobile requests were coming in. That observation led to further scrutiny of mobile Continue Reading

Posted On :
Category:

Critical security hole in Microsoft Edge web browser just discovered

A strange Microsoft Edge bug dubbed “Wavethrough” has been discovered that could allow a malicious website to retrieve content from other websites. The vulnerability uncovered by Google employee Jake Archibald occurs when a malicious website uses service workers to load multimedia content inside an < audio > tag from a remote site while using the “range” parameter to load a specific portion of the file. Archibald said it involves wave audio and data that is allowed through despite the fact that it shouldn’t be. “This is a huge bug,” said Continue Reading

Posted On :
Category:

3 employee training tips to prevent a data breach at your company

Employers have learned the hard way that one of the biggest security threats comes from their own staff. A report published by Ipswitch looks at data breach causes to find out how rogue employees rank. An interesting find is that up to 75% of data breaches result from insider threats, while a separate report by Veriato suggests that 90% of cybersecurity experts feel that their company is vulnerable to insider attacks. In fact, about 50% of the 472 professionals surveyed said they had suffered these attacks in the previous 12 months. Deliberate or not, these threats are very real Continue Reading

Posted On :
Category:

Why the FBI is asking people to reboot their routers

Russian malware, known as VPNFilter has infected millions of internet connected routers and devices across the globe. It efficiently collects personal information by monitoring your internet activity and sends it to the dark web. If you have one of our Total Security firewalls, you’re okay but if you’re using a Belkin, Linksys, Netgear or TP-Link device, read on. The hacker alias behind this malware is called Sofacy, a hacker group working with the Russian government. They became famous for hacking the Democratic National Committee during the 2016 U.S Election. The FBI issued Continue Reading

Posted On :
Category:

GDPR, Europe’s new privacy law, is officially here

Europe’s highly anticipated new privacy law, the General Data Protection Regulation, went into effect Friday, a law that will impact virtually every technology company worldwide. The new law requires any company that operates in the EU or any company that serves EU citizens to follow strict new privacy guidelines meant to protect consumers from companies abusing their personal data. Companies that fail to comply could face financial penalties as high as 4 percent of their annual revenue. For companies like Facebook, Google and Apple, that could amount to billions of dollars Continue Reading

Posted On :
Category:

Chili’s Data Breach – credit cards stolen

Chili’s Grill & Bar experiences a “data incident” that exposes some of its customers’ credit & debit card numbers, names & other payment card information. Chili’s Grill & Bar experienced a “data incident” that compromised some of its customers’ payment card information, according to a prepared statement from parent company Brinker International. The restaurant chain learned about the incident Friday. The Chili’s breach may have occurred between March and April 2018, Brinker indicated. Chili’s officials said they believe malware was used to obtain customers’ payment card information, including credit or debit card numbers and Continue Reading

Posted On :