This week, researchers have reported that earlier this year, threat actors leveraged a vulnerability in Windows to deploy DarkGate malware after phishing the victim for initial access. The vulnerability tracked as CVE-2024-21412 led to users running fake Microsoft software installer (.MSI) packages that looked like...
Read more...
Attempts at or unintended incidents of tracking military members have been happening for years, such as when the Strava running app leaked the location of military bases thanks to a published heat map of running locations. Now, however, a threat actor is either being incredibly precise, or companies are just trying to...
Read more...
Almost a year ago exactly, DuckDuckGo introduced a new App Tracking Protection feature for its Android browser app as part of the company’s plan to build an all-in-one privacy app that extends beyond just web browsing and search results. DuckDuckGo initially launched this new feature in closed beta, but, as of...
Read more...
Researchers at the cybersecurity company Guardio have uncovered a campaign that has stealthily injected malware into the chromium-based browsers of over one million victims. The campaign makes use of browser extensions distributed through the Google Chrome Web Store and the Microsoft Edge Add-ons store. However, the...
Read more...
Researchers at the cybersecurity company Zscaler have discovered a new version of the Ducktail Infostealer in a malware campaign seeking to steal Facebook Business account credentials. Cybersecurity researchers first identified the Ducktail Infostealer in 2021, attributing the bit of malware to a Vietnamese threat...
Read more...
We frequently write about Android malware smuggled onto the Google Play Store in the form of what appear to be legitimate apps. However, the Play Store isn’t the only Google-run app store with a malware problem. A new report by McAfee Labs identifies five extensions on the Chrome Web Store that contain malicious...
Read more...
As you're surfing the web, it is a pretty fair bet that most of the websites you visit run on a Linux-based operating system. It is the world's most popular server platform, after all. Thanks to the open-source nature of Linux, it is often considered far more secure than most alternatives, as any vulnerabilities...
Read more...
The US Department of Justice (DOJ) announced it has seized an estimated $3.6 billion in stolen cryptocurrency. The seizure came along with the arrest of a married couple accused of laundering 119,754 bit coin in an elaborate scheme.
Headlines denoting hackers stealing cryptocurrency is not an uncommon occurrence...
Read more...
A Two-Factor Authentication (2FA) app that's been making the rounds on Google Play could steal your banking information, say researchers at Pradeo, a mobile security research and product provider based out of France. According to the team, the app was removed from the Google Play store, however, it remained active and...
Read more...
Microsoft has been toppled from its position on at least one list, but it’s doubtful the company is too upset over it. International shipping service DHL took the No. 1 spot as most-imitated (spoofed) brand in phishing attacks for the fourth quarter of 2021.
In many phishing attacks, the attacker tries to fool the...
Read more...
You might already use DuckDuckGo as your go-to search engine rather than Google or Bing (or whatever else—AskJeeves, perhaps?). If you're into DuckDuckGo, then you will be ecstatic to learn that it is expanding from a privacy oriented search engine into a full-blown browser on the desktop, just as it has done on...
Read more...
Security researchers have sounded the alarm on four BIOS vulnerabilities affecting 129 different Dell models, including various laptop and desktop systems, as well as some tablets. In total, it is estimated that around 30 million Dell systems are susceptible to the vulnerabilities and should be patched right away...
Read more...
Last week, cybersecurity researchers discovered an open Elasticsearch database that exposed an extensive fake Amazon reviews scam ring. The database contained millions of direct messages between Amazon vendors and upwards of 200,000 customers willing to provide fake reviews in exchange for free products. It is...
Read more...
The same group of hackers that hit the NBA's Houston Rockets basketball team with a ransomware attack earlier this month has now turned its sights on the police force in Washington, D.C. It is the latest in a string of concerning ransomware attacks aimed at police over the past several weeks, where data leaks can put...
Read more...
Despite all the advancements made in computing, even today the printer can still an extreme source of frustration. Usually it's because the network refuses to recognize the darn thing, and sometimes it's because the printer obsesses over a low ink level and stubbornly refuses to print. But more recently, a bug in...
Read more...
As time goes on, people are becoming more aware of their privacy and data security regarding the products they use. We saw this with the outpouring of concern over WhatsApp’s privacy policies, causing confusion. People do not typically think about their search engine, though, but that is changing as well. DuckDuckGo...
Read more...
It looks as though DJI could be in for some rough seas ahead as the U.S. Department of Commerce has just placed the drone maker on its dreaded Entity List. This is essentially an economic blacklist that prevent DJI from conducting business with U.S. companies due to potential threats to national security. If you...
Read more...
Smart home appliances and internet of things (IoT) devices are becoming part of daily life for many. You may even have one of these devices near you right now and it's likely connected to the internet in some way. While the product category may offer some innovative solutions, some products on the market currently...
Read more...
Security researchers from China have outlined a new attack dubbed BadPower that can alter the firmware of fast chargers to cause damage to power systems of connected devices. Using the technique, the researchers say they can melt components or potentially set devices on fire. BadPower was detailed last week in a...
Read more...
As tens of thousands of workers have been pushed out of the office and into remote working from home environments due to the coronavirus outbreak around the world, new types of challenges have surfaced that businesses are having to deal with. The big issue is that with so many new companies and workers now working...
Read more...
Well, this is an unfortunate turn of events. Back in July, security researchers at Sophos created a proof-of-concept demonstration showing on how easy it would be for an unpatched RDP (Remote Desktop Protocol) server to be compromised by BlueKeep, a wormable Windows bug. Fast forward to today, and it's been discovered...
Read more...
It would seem like common sense if you are among the people attending a hacking conference to secure your devices against attacks. After all, you and your tech gear are walking into the proverbial lion's den. If you were ever going to have your fitness tracker, smartphone, laptop, or other tech device hacked, DEFCON...
Read more...
