Items tagged with cybersecurity
Tech support scammers have been around for quite some time, continually innovating and perfecting their game to rake in more money. The problem has become so big that even YouTubers like Kitboga are making a living trolling these people. However, that has not been enough to stop these problematic people, as the FBI...
Read more...
Gmail users around the world have been getting pop-up notifications in the past few days prompting them to up their security with Enhanced Safe Browsing. This feature, which is enabled across all Google products with a simple toggle, enables real-time security scanning and will help protect you against phishing and...
Read more...
Recently, a plugin utilized by over a million WordPress site owners was discovered to have a bug in a prior release that logged passwords in plaintext. While the problem has since been fixed in an update, credentials may still be floating around in logs, so be sure to take a look.
The All-In-One Security (AIOS)...
Read more...
Over the years, Clop ransomware has hit a number of different targets across a wide variety of industries, from oil and gas to banking institutions. However, the latest organization to be entangled in the Clop trouble is Shutterfly, a photography and personalized items manufacturer based out of San Jose...
Read more...
The general rule of thumb is to not plug in USB drives you find on the ground, and beyond that, certainly don’t run anything on them as it could be malware. However, that rule is being skirted by some people, as researchers have discovered an alarming uptick in the use of infected USB drives to steal data.
Earlier...
Read more...
Microsoft’s traditional Patch Tuesday has arrived, bringing with it a slew of security fixes for 130 vulnerabilities and two published advisories. This update comes at the perfect time, as threat actors have been exploiting some of these vulnerabilities for espionage against defense and government organizations in...
Read more...
Last month, Apple pushed multiple security updates for its products due to vulnerabilities that could lead to the Triangulation spyware being put on your device. Now, the Cupertino-based company has rolled out another Rapid Security Response (RSR) but has since pulled it back due to flaws with the...
Read more...
Earlier this year, reports of a new ransomware family dubbed ‘Big Head’ appeared online in various malware databases. This malware is making the rounds through malvertisement campaigns that look like Windows updates and Word installers, which is rather concerning becuase less savvy users often fall for these...
Read more...
You can call a kitty with a “pspspsps,” but you might be able to call Advanced Persistent Threat (APT) group 42, otherwise known as “Charming Kitten,” with a “pspspsps aux.” All jokes aside, this group, also known as TA453, now targets nuclear security and foreign policy experts to gather intelligence.
Earlier this...
Read more...
If you have a solar roof and power management system, you might be vulnerable to a cyberattack depending on how the system was implemented. However, this problem is not limited to solar but also includes wind and hydroelectric systems connected to the internet, which all make juicy targets for a threat...
Read more...
Just under five years ago, chip manufacturer Taiwan Semiconductor Manufacturing Company, otherwise known as TSMC, was hit by the WannaCry ransomware, thereby crippling production and shutting down plants. Now, the company has purportedly had its data stolen in a new attack thanks to an affiliate of the ransomware gang...
Read more...
With threat actor groups like Blackcat (ALPHV) taking the spotlight, other groups can fly under the radar doing their dastardly deeds. Such is the case with 8Base, a relatively unheard-of ransomware gang that is making waves as one of the most active ransomware groups this summer.
First cropping up in March of...
Read more...
Your password requires at least nine characters, one special character, two numbers, your horoscope, three emoji, and a depiction of the current weather outside. If that seems unhinged, wait until you try The Password Game, a fun but absurd password-creating game taking the internet by storm.
You may have heard of...
Read more...
If you are going to download a program, it may be worth knowing whether you are getting it from the authentic source or a threat actor in between. Such is the case with a trojanized Super Mario game which has been mining cryptocurrency and stealing data while people casually played Super Mario Forever.
Exploiting...
Read more...
In the early morning of Sunday, Diablo IV fans found they could not log in and authenticate to Blizzard’s servers to play the game. What started as an outage became publicly known as a DDoS attack against Blizzard, lasting multiple hours into the afternoon. Though the problem is now fixed, it reignited the question of...
Read more...
This week, Apple patched three vulnerabilities that could lead to Triangulation spyware making it to your device with a zero-interaction exploit delivered through an invisible iMessage. Thus, update your devices as soon as able to patch these vulnerabilities and remain safe from the threat actors exploiting...
Read more...
Earlier this week, ASUS pushed a firmware update for 19 of the company’s routers which fixed nine different CVEs and enhanced security across the board. While updating your routers, ASUS also recommends that owners disable services accessible from the WAN side, such as port forwarding, DDNS, VPN, DMZ, and port...
Read more...
With all the excitement around ChatGPT, it is no wonder that threat actors are taking advantage of the situation. Besides having those with malicious intentions steal your Facebook account, they might also be stealing your ChatGPT account credentials as well, following the discovery of over 100,000 compromised ChatGPT...
Read more...
With Reddit somewhat imploding on the cusp of going public, some are taking advantage of the situation. Ransomware gang BlackCat (ALPHV) has recently claimed a February attack against Reddit, claiming to have stolen 80GB of data from the social media company.
In early February of this year, hackers from the...
Read more...
Over the last year, Google has been trying to step up its security game regarding all things Gmail, from client-side email encryption to brand verification measures to help prevent phishing and spam. However, a security researcher discovered an issue with the latter, putting all Gmail users at risk just before the...
Read more...
The United States' relationship with China, especially regarding technology, has been strenuous at best since at least when the U.S. declared several Chinese companies a threat to national security in 2012. This rhetoric has continued through today but has usually come from the side of the U.S. government. However...
Read more...
In the last couple of years, the ever-popular KeePass password manager has come up in a number of articles, such as when it was recently found that passwords could be stolen through the export functionality. Now, KeePass is back in the news with a vulnerability that could allow an attacker to retrieve the master...
Read more...
