Category:

Fraud Alert for Local Hawaii Businesses

A new scam is afoot you should know about as it is targeting local Hawaii businesses. The Judiciary has notified the State Procurement Office (SPO) regarding an unknown third party (Perpetrator) impersonating a government employee. The perpetrator is contacting vendors by phone or by email and is issuing fraudulent purchase orders, which appears as if signed by a government employee. On acceptance of the purchase order, the goods are sent to an unknown third party, typically a forward shipping company. Fortunately the vendor in this instance, determined the purchase order Continue Reading

Posted On :
Category:

Microsoft Edge Flaw Lets Hackers Steal Files From Your Computer

Microsoft has fixed a vulnerability in the Edge browser that could be abused against older versions to steal local files from a user’s computer. The good news is that social engineering is involved in exploiting the flaw, meaning the attack cannot be automated at scale, and, hence, present a smaller level of danger to end users. Edge flaw is SOP-related Discovered by Netsparker security researcher Ziyahan Albeniz, the vulnerability involves the Same-Origin Policy (SOP) security feature that all browser support. In Edge, and all other browsers, SOP works by preventing an attacker Continue Reading

Posted On :
Category:

LifeLock Bug Exposed Millions of Customer Email Addresses

Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company. The upshot of this weakness is that cyber criminals could harvest the data and use it in Continue Reading

Posted On :
Category:

How to protect yourself from ‘spear phishing’ hacking techniques

As sophisticated as the scheme was by Russian intelligence agents to interfere in the 2016 presidential election, they used a simple hacking technique, among others, to infiltrate the email accounts of Democratic operatives, according to Special Counsel Robert Mueller’s latest indictment. And that technique—known as “spear phishing—remains a threat not just to campaign officials but to employees and consumers. Spear phishing is a scam in which cyber criminals pose as trusted sources and send phony electronic messages to targeted individuals to trick them into revealing sensitive information. In the case of John Continue Reading

Posted On :
Category:

Major International Airport’s Security System Found for Sale on Dark Web

The closest many of us get to the dark web is watching hackers surf it in television shows or movies. However, it is a very real place that contains lots of stolen data. This data, along with compromised systems, devices, and more are often sold in underground marketplaces that exist on the dark web. One type of marketplace is called a remote desktop protocol (RDP) shop, which provides access to stolen systems for a small fee. Found in one of these RDP shops by McAfee’s ATR team: a major international airport’s security Continue Reading

Posted On :
Category:

Samsung phones randomly texting photos to contacts

Some Samsung  users are complaining that their smartphones randomly sent photos and scheduled texts to contacts. According to posts on Reddit and Samsung’s official support boards first spotted by Gizmodo, the devices affected include the Galaxy S9 and Galaxy Note 8. Their owners say that Samsung Messages, the default texting app for Galaxy devices, pushed photos and scheduled texts to random contacts, but left no record of the messages being sent. One Reddit user says his Galaxy S9+ sent his entire photo library to a contact in the middle of the night while he was Continue Reading

Posted On :
Category:

Hackers May Be Using Your Phone to Commit Crime

Right now, your mobile phone could be hosting invisible software that’s helping hackers commit crimes across the globe and you’d have virtually no way of knowing it. That’s one of the key findings released today by a team of researchers at Distil Networks, a San Francisco security firm. Data engineers say they made an alarming discovery of bot networks, infecting millions of mobile devices worldwide. While researching customer account abuse and takeovers they suddenly realized that a lot of mobile requests were coming in. That observation led to further scrutiny of mobile Continue Reading

Posted On :
Category:

Critical security hole in Microsoft Edge web browser just discovered

A strange Microsoft Edge bug dubbed “Wavethrough” has been discovered that could allow a malicious website to retrieve content from other websites. The vulnerability uncovered by Google employee Jake Archibald occurs when a malicious website uses service workers to load multimedia content inside an < audio > tag from a remote site while using the “range” parameter to load a specific portion of the file. Archibald said it involves wave audio and data that is allowed through despite the fact that it shouldn’t be. “This is a huge bug,” said Continue Reading

Posted On :
Category:

3 employee training tips to prevent a data breach at your company

Employers have learned the hard way that one of the biggest security threats comes from their own staff. A report published by Ipswitch looks at data breach causes to find out how rogue employees rank. An interesting find is that up to 75% of data breaches result from insider threats, while a separate report by Veriato suggests that 90% of cybersecurity experts feel that their company is vulnerable to insider attacks. In fact, about 50% of the 472 professionals surveyed said they had suffered these attacks in the previous 12 months. Deliberate or not, these threats are very real Continue Reading

Posted On :