Showing only posts tagged Tech. Show all posts.

With help from Google, impersonated Brave.com website pushes malware

Source

Enlarge (credit: Getty Images ) Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it in Google ads to push malware that takes control of browsers and steals sensitive data. The attack worked by registering the domain xn--brav-yva[.]com …

Venmo gets more private—but it’s still not fully safe

Source

Enlarge (credit: Getty Images) Venmo, the popular mobile payment service, has redesigned its app. That's normally news you could safely ignore, but this announcement is worth a closer look. In addition to making some navigational tweaks and adding new purchase protections, the PayPal-owned platform is finally shutting down its …

Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling

Source

Enlarge The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources. As operating systems and applications become harder to hack, successful attacks …

For years, a backdoor in popular KiwiSDR product gave root to project developer

Source

Enlarge (credit: KiwiSDR ) A spectrum painted image made using KiwiSDR. (credit: xssfox) KiwiSDR is hardware that uses a software-defined radio to monitor transmissions in a local area and stream them over the Internet. A largely hobbyist base of users does all kinds of cool things with the playing-card-sized devices …

Up to 1,500 businesses infected in one of the worst ransomware attacks ever

Source

Enlarge (credit: Suebsiri Srithanyarat / EyeEm / Getty Images ) As many as 1,500 businesses around the world have been infected by highly destructive malware that first struck software maker Kaseya. In one of the worst ransom attacks ever, the malware, in turn, used that access to fell Kaseya’s customers …

Apps with 5.8 million Google Play downloads stole users’ Facebook passwords

Source

Enlarge (credit: Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images) Google has given the boot to nine Android apps downloaded more than 5.8 million times from the company's Play marketplace after researchers said these apps used a sneaky way to steal users' Facebook login credentials. In a bid …

Microsoft digitally signs malicious rootkit driver

Source

Enlarge Microsoft gave its digital imprimatur to a rootkit that decrypted encrypted communications and sent them to attacker-controlled servers, the company and outside researchers said. The blunder allowed the malware to be installed on Windows machines without users receiving a security warning or needing to take additional steps. For …

Ahoy, there’s malice in your repos—PyPI is the latest to be abused

Source

Enlarge (credit: Getty Images) Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found. The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those …

A week after arrests, Cl0p ransomware group dumps new tranche of stolen data

Source

Enlarge (credit: Getty Images ) A week after Ukrainian police arrested criminals affiliated with the notorious Cl0p ransomware gang, Cl0p has published a fresh batch of what’s purported to be confidential data stolen in a hack of a previously unknown victim. Ars won’t be identifying the possibly victimized …

Newly discovered Vigilante malware outs software pirates and blocks them

Source

Enlarge (credit: Getty Images ) A researcher has uncovered one of the more unusual finds in the annals of malware: booby-trapped files that rat out downloaders and try to prevent unauthorized downloading in the future. The files are available on sites frequented by software pirates. Vigilante, as SophosLabs Principal Researcher …

Mystery malware steals 26M passwords from 3M PCs. Are you affected?

Source

Enlarge (credit: Getty Images ) Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified. In all, researchers from NordLocker said on Wednesday, the database contained …

Mystery malware steals 26M passwords from millions of PCs. Are you affected?

Source

Enlarge (credit: Getty Images ) Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified. In all, researchers from NordLocker said on Wednesday, the database contained …

Amazon devices will soon automatically share your Internet with neighbors

Source

Enlarge (credit: Amazon ) If you use Alexa, Echo, or any other Amazon device, you have only 10 days to opt out of an experiment that leaves your personal privacy and security hanging in the balance. On June 8, the merchant, Web host, and entertainment behemoth will automatically enroll the …

Actively exploited macOS 0-day let hackers take screenshots of infected Macs

Source

Enlarge (credit: CHUYN / Getty Images ) Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first. The zero-day was exploited by XCSSET, a piece of malware discovered by security firm …

Actively exploited macOS 0day let hackers take screenshots of infected Macs

Source

Enlarge (credit: CHUYN / Getty Images ) Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first. The zeroday was exploited by XCSSET, a piece of malware discovered by security firm …

4 vulnerabilities under attack give hackers full control of Android devices

Source

Enlarge (credit: Getty Images ) Unknown hackers have been exploiting four Android vulnerabilities that allow the execution of malicious code that can take complete control of devices, Google warned on Wednesday. All four of the vulnerabilities were disclosed two weeks ago in Google’s Android Security Bulletin for May. Google …

Actively exploited Mac 0-day neutered core OS security defenses

Source

Enlarge (credit: Getty Images) When Apple released the latest version 11.3 for macOS on Monday, it didn't just introduce support for new features and optimizations. More importantly, the company fixed a zero-day vulnerability that hackers were actively exploiting to install malware without triggering core Mac security mechanisms, some …

Apple’s ransomware mess is the future of online extortion

Source

Enlarge (credit: Aurich Lawson) On the day Apple was set to announce a slew of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The notorious ransomware gang REvil said they had stolen data and schematics from Apple supplier Quanta Computer about unreleased products …

Millions of web surfers are being targeted by a single malvertising group

Source

Enlarge (credit: Getty Images ) Hackers have compromised more than 120 ad servers over the past year in an ongoing campaign that displays malicious advertisements on tens of millions, if not hundreds of millions, of devices as they visit sites that, by all outward appearances, are benign. Malvertising is the …

US government strikes back at Kremlin for SolarWinds hack campaign

Source

Enlarge (credit: Matt Anderson Photography/Getty Images) US officials on Thursday formally blamed Russia for backing one of the worst espionage hacks in recent US history and imposed sanctions designed to mete out punishments for that and other recent actions. In a joint advisory, the National Security Agency, FBI …

No password required: Mobile carrier exposes data for millions of accounts

Source

Enlarge (credit: Getty Images) Q Link Wireless, a provider of low-cost mobile phone and data services to 2 million US-based customers, has been making sensitive account data available to anyone who knows a valid phone number on the carrier’s network, an analysis of the company’s account management …

Windows and Linux devices are under attack by a new cryptomining worm

Source

Enlarge (credit: Getty Images) A newly discovered cryptomining worm is stepping up its targeting of Windows and Linux devices with a batch of new exploits and capabilities, a researcher said. Research company Juniper started monitoring what it’s calling the Sysrv botnet in December. One of the botnet’s …

Malicious cheats for Call of Duty: Warzone are circulating online

Source

Enlarge (credit: CHUYN / Getty Images ) Criminals have been hiding malware inside publicly available software that purports to be a cheat for Activision’s Call of Duty: Warzone, researchers with the game maker warned earlier this week. Cheats are programs that tamper with in-game events or player interactions so that …

North Korean hackers return, target infosec researchers in new operation

Source

Enlarge In January, Google and Microsoft outed what they said was North Korean government-sponsored hackers targeting security researchers. The hackers spent weeks using fake Twitter profiles—purportedly belonging to vulnerability researchers—before unleashing an Internet Explorer zero-day and a malicious Visual Studio Project, both of which installed custom malware …

Android sends 20x more data to Google than iOS sends to Apple, study says

Source

Enlarge / Insomnia people and mobile-addiction concepts. (credit: Getty Images ) Whether you have an iPhone or an Android device, it’s continuously sending data including your location, phone number, and local network details to Apple or Google. Now, a researcher has provided a side-by-side comparison that suggests that, while both …

« newer articles | page 2 | older articles »