Author Archives: Zeljka Zorz

Dell EMC plugs critical bugs in VMAX enterprise storage offerings

Dell EMC has patched two critical flaws in vApp Manager, the management interface for its VMAX enterprise storage systems, and is urging all customers to implement fixes as soon as possible. About the VMAX enterprise storage vulnerabilities The flaws were discovered and reported by Tenable’s director of reverse engineering Carlos Perez. The graver of the two is CVE-2018-1216, which marks the existence of a hard-coded password vulnerability. “The vApp Manager contains an undocumented default account … More

Scanned IDs of 119,000 FedEx customers exposed online

An unsecured Amazon Web Services bucket holding personal information and scans of IDs of some 119,000 US and international citizens has been found sitting online by Kromtech security researcher earlier this month. The stored data had been stockpiled by Bongo International, a company that specialized in helping North American retailers and brands sell online to consumers in other countries. Bongo was acquired by FedEx in 2014, relaunched as FedEx Cross-Border International, and ultimately shuttered in … More

Intel offers to pay for Spectre-like side channel vulnerabilities

Intel is expanding the bug bounty program it started last March, and is raising considerably the awards it plans to give out for helpful vulnerability information. Where information about critical vulnerabilities in Intel software, firmware and hardware could have previously been rewarded with up to $7,500, $10,000 and $30,000, respectively, now the bounties in those same categories go up to $10,000, $30,000 and $100,000. A new bug bounty program for side channel vulnerabilities The company … More

UK government officially blames Russia for NotPetya attack

The UK government has officially attributed the June 2017 NotPetya cyber attack to the Russian government. The statement is backed by an assessment of the UK’s National Cyber Security Centre, which has found that the Russian military was “almost certainly” responsible for it. The NotPetya attack “The NotPetya attack saw a malicious data encryption tool inserted into a legitimate piece of software used by most of Ukraine’s financial and government institutions,” the NCSC noted. … More

IoT botnet bypasses firewalls to get to ZyXEL modems

NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015-7755, which … More

Microsoft boosts Windows Analytics to help squash Meltdown and Spectre bugs

A day after Microsoft announced it will be adding Windows Defender ATP down-level support for older OSes comes the news that its Windows Analytics service is getting new capabilities aimed at helping businesses tackle Meltdown and Spectre vulnerabilities on machines in their fleet. What is Windows Analytics? Windows Analytics is a free telemetry analysis tool for business administrators. It is meant for guiding organizations through upgrading to and staying current on Windows 10 by providing … More

How cybercriminals exploited Telegram flaw to deliver malware

A “vulnerability” in Telegram’s desktop instant messaging client for Windows was exploited for months by Russian cybercriminals to deliver malware to users. Kaspersky Lab researchers discovered in October 2017 that the flaw – which is actually more of a loophole, really – was being actively exploited. They notified Telegram about the issue, and sometime between then and now the loophole was closed by the developers. “We don’t have exact information about how long and which … More

Microsoft, Adobe February 2018 security updates: An overview

The Microsoft February 2018 security updates are for Internet Explorer, Edge, Windows, Office, Office Services and Web Apps, Adobe Flash, and ChakraCore (the core part of the Chakra Javascript engine that powers Microsoft Edge). Jimmy Graham, director of product management at Qualys, considers the Adobe Flash update and that for StructuredQuery in Windows servers and workstations to be the most critical and best implemented as soon as possible. The former plugs the Flash zero-day bug … More

Millions of Android devices forced to mine Monero for crooks

No device is safe from criminals looking to make it stealthily mine cryptocurrency for them. However weak its processing power is, it still costs them nothing. With that in mind, forced crypto mining attacks have also begun hitting mobile phones and tablets en masse, either via Trojanized apps or redirects and pop-unders. An example of the latter approach has been recently documented by Malwarebytes’ researchers. The attack “In a campaign we first observed in late … More

Microsoft to provide Windows Defender ATP for older OS versions

Microsoft will backport Windows Defender Advanced Threat Protection (ATP) to meet the security needs of organizations that have not yet entirely switched to Windows 10. Windows Defender ATP provides deep insights into Windows 7 events on a rich machine timeline What is Windows Defender ATP? Windows Defender ATP is a unified endpoint security platform that provides administrators a central view of threats on company endpoints. For that to work, the OS must have the Windows … More

German court says Facebook use of personal data is illegal

Facebook’s default privacy settings and some of its terms of service fall afoul of the German Federal Data Protection Act, the Berlin Regional Court has found. By not adequately securing the informed consent of its users, Facebook’s use of personal data is illegal – and so is the social network’s “real-name” clause, as the German Telemedia Act says that providers of online services must allow users to use their services anonymously or by using a … More

Tackling the insider threat: Where to start?

Many organizations still believe the definition of an insider threat is limited to a rogue employee purposefully leaking embarrassing information, or nuking a couple of systems when he or she quits and walks out the door with internal or customer data to take to a new job. But not all insider threats have to be malicious to cause an incident. Perhaps someone on your marketing team wasn’t aware of their regulatory obligations in handling customer … More

Polisis: AI-based framework for analyzing privacy policies in real time

It has been known for a while that the overwhelming majority of Internet users doesn’t read privacy policies and terms of service before agreeing to them. Those few that do usually skim over them. That’s mostly because these documents and agreements are extremely long and – intentionally or unintentionally – written in a way that makes them unintelligible to the great majority of users. Companies’ privacy policies and terms of service also change through time, … More

Thousands of government, orgs’ websites found serving crypto mining script

On Sunday, over 4,200 websites around the world started hijacking visitors’ browsers to mine the Monero crypto currency. The attack The problem was first noticed and partly documented by security researcher Scott Helme: “Ummm, so yeah, this is *bad*. I just had @phat_hobbit point out that @ICOnews has a cryptominer installed on their site… 😮” — Scott Helme (@Scott_Helme) February 11, 2018. Among the compromised websites were that of UK’s Information Commissioner’s Office and … More

Chrome will mark HTTP pages as “not secure”

Starting with Chrome 68, which is scheduled to be released in July 2018, Google will explicitly mark all HTTP sites as “not secure”: According to Google’s numbers, 68% of Chrome traffic on both Android and Windows is now encrypted, as is 78% of Chrome traffic on both Chrome OS and Mac. In July, those numbers are going to be even higher. “Developers have been transitioning their sites to HTTPS and making the web safer for … More

Intel releases new Spectre microcode updates for some affected processors

Intel has provided a new update on the Spectre patch situation. Skylake fix ready, others to follow “Earlier this week, we released production microcode updates for several Skylake-based platforms to our OEM customers and industry partners, and we expect to do the same for more platforms in the coming days,” Navin Shenoy, general manager of the Data Center Group at Intel Corporation, has announced on Wednesday. “We also continue to release beta microcode updates so … More

When crypto-mining malware hits a SCADA network

Stealthy crypto-mining is on track to surpass ransomware as cybercriminals’ most favorite money-making option, and companies with computers and servers that run all day and night long are the preferred targets. This could be more than just a nuisance to the companies – it could seriously affect business operations and render some companies unable to operate for days and even weeks. In some instances, namely when the companies are part of critical infrastructure, the consequences … More

Data of 800,000 Swisscom customers compromised in breach

Swisscom, the biggest telecom company in Switzerland, has suffered a data breach that resulted in the compromise of personal data of some 800,000 customers, i.e., nearly ten percent of the entire Swiss population. “The data accessed included the first and last names, home addresses, dates of birth and telephone numbers of Swisscom customers; contact details which, for the most part, are in the public domain or available from list brokers,” the company explained. The data … More

How to track smartphone users when they’ve turned off GPS

As it turns out, turning off location services (e.g., GPS) on your smartphone doesn’t mean an attacker can’t use the device to pinpoint your location. A group of Princeton University researchers has devised a novel user-location mechanism that exploits non-sensory and sensory data stored on the smartphone (the environment’s air pressure, the device’s heading, timezone, network status, IP address, etc.) and publicly-available information to estimate the user’s location. The PinMe mechanism The non-sensory and … More

Hotspot Shield VPN flaw can betray users’ location

A flaw in the widely used Hotspot Shield VPN utility can be exploited by attackers to obtain sensitive information that could be used to discover users’ location and, possibly and ultimately, their real-world identity. About the vulnerability According to the entry for the vulnerability (CVE-2018-6460) in the National Vulnerability Database, Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895, and the web server uses JSONP and hosts sensitive information including … More

Android devices roped into new Monero-mining botnet

A new Monero-mining bot sprang up a few days ago and, in just a few days, has created a botnet consisting of over 7,000 Android devices, most of which are located in China (39%) and Korea (39%). Spreading capabilities The rise of the botnet has been flagged by researchers with Qihoo 360’s Netlab, who analyzed the mining malware and discovered that it has worm-like spreading capabilities. Once ADB.miner – as they’ve dubbed the threat – … More

Realistic, well-positioned Reddit clone is out to grab users’ login credentials

A convincing clone of the popular social news aggregation and discussion site Reddit has been spotted on the reddit.co domain. The author is obviously counting on users not to spot it for what it is: a site meant to harvest users’ username and password. HEADSUP: Looking for infosec people at @Reddit. Website at (phishing?) domain reddit(.)co — using the Colombian TLD — was acting a pitch-perfect apparent MITM of the actual Reddit. Now returning 500 … More

Flaw in Grammarly’s extensions opened user accounts to compromise

A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users’ authentication tokens and use them to log in to the users’ Grammarly accounts and access all the (potentially sensitive) information held in them. About the vulnerability The vulnerability was discovered by Google Project Zero researcher Tavis Ormandy, who reported it to Grammarly on Friday. “I’m calling this a high severity bug because it seems like a pretty severe violation of … More

Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More

Mac crypto miner distributed via MacUpdate, other software download sites

Software download site/aggregator MacUpdate has been spotted delivering a new Mac crypto miner to users. “A new Mac cryptominer was being distributed from hacked MacUpdate pages yesterday, disguised as Firefox, OnyX and Deeper. https://t.co/W8jcotFixl #macOS #Malware #CryptoMining” — Thomas Reed (@thomasareed) February 2, 2018. A rare threat Stealthy cryptocurrency miners are most often aimed at Windows and browser users (e.g., the Coinhive script), but no one is safe: neither Linux users, nor Mac users, even though cryptocurrency-mining … More

About the Flash zero-day currently exploited in the wild

The zero-day Flash Player vulnerability (CVE-2018-4878) that Adobe warned about on Thursday was leveraged by North Korean hackers. FireEye calls the group TEMP.Reaper and Cisco researchers named it Group 123 (and have been tracking their exploits for a while). The threat actors leveraging the Flash zero-day “We have observed TEMP.Reaper operators directly interacting with their command and control infrastructure from IP addresses assigned to the STAR-KP network in Pyongyang. The STAR-KP network is operated as … More

Scammers steal nearly $1 million from Bee Token ICO would-be investors

Another day, another ICO-related scam. In an attack similar to that which fooled investors into the Enigma cryptocurrency investment platform, users who were aiming to buy Bee Tokens during a Token Generation Event (i.e., an initial coin offering) were tricked into sending the money to scammers instead. What is the Bee Token? Beenest is a home-sharing network built on top of a set of Bee Protocols (Ethereum smart contracts) running on the Ethereum network. The … More

Researchers showcase automated cyber threat anticipation system

A group of researchers is trying to develop an automatic early warning system that should help defenders take preventative action before specific cyber attacks start unfolding. How does their system work? Their approach leverages the fact that preparation of cyber attacks often occurs in plain sight, discussed on online platforms and publicly accessible discussion forums. “The system monitors social media feeds of a number of prominent security researchers, analysts, and white-hat hackers, scanning for posts … More

Google booted 100,000 malicious developers from Google Play

New malware and unwanted apps are discovered on Google Play nearly every day – or so it seems. According to Google’s statistics, in 2017 the company took down more than 700,000 apps that violated the Google Play policies: copycat apps, apps showing inappropriate content, and outright malware (apps that conduct SMS fraud, act as trojans, or phish users’ information). The number might seem small to some and significant to others, but it is definitely … More

AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit

A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules to automate mass exploitation of remote hosts. “Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache,IIS, etc, upon which a list of candidates will be retrieved,” the tool’s creator explained. “After this operation has … More

Attackers disrupt business operations through stealthy crypto mining

WannaMine, a Monero-mining worm discovered last October, is increasingly wreaking havoc on corporate computers. Either by slowing down computers or by crashing systems and applications, the crypto mining worm is, according to CrowdStrike researchers, seriously affecting business operations and rendering some companies unable to operate for days and even weeks. In one case, a client informed CrowdStrike that nearly 100 percent of its environment was rendered unusable due to overutilization of systems’ CPUs. As time … More

Mozilla plugs critical and easily exploitable flaw in Firefox

Firefox users would do well to upgrade to the browser’s latest release if they want to keep their computers safe from compromise. Released on Monday, Firefox 58.0.1 contains one but very important security fix that plugs a vulnerability arising from insufficient sanitization of HTML fragments in chrome-privileged documents. (In this context, chrome is not the popular Google browser, but a component of Firefox.) The vulnerability (CVE-2018-5124) is considered critical because a successful exploit could allow … More

Cisco plugs critical hole in many of its enterprise security appliances

There’s an eminently exploitable remote code execution flaw in the Adaptive Security Appliance (ASA) Software running on a number of Cisco enterprise appliances, and admins are advised to plug the hole as soon as possible. The Cisco Product Security Incident Response Team (PSIRT) says that it is aware of public knowledge of the vulnerability, but not of any current malicious use of it. Nevertheless, active exploitation might be close at hand. Also, details about the … More

How to prepare for the future of digital extortion

Digital extortion has evolved into the most successful criminal business model in the current threat landscape, and Trend Micro researchers predict that it will continue to grow rampant because it’s cheap, easy to commit, and many times the victims pay. Attackers can go after a wide variety of targets The line between blackmail and extortion is blurred in the digital realm. “Many digital crimes we normally think of as blackmail are, in fact, extortion — … More

Dridex gang follows trends, also created FriedEx ransomware

The gang behind the infamous banking Trojan Dridex has also created the FriedEx (aka BitPaymer) ransomware, ESET researchers confidently claim. The similarities between Dridex and FriedEx By analyzing and comparing the code of both threats, the researchers discovered a handful of similarities: Both malware use the same function for generating UserID (i.e., that generates a unique string from several attributes of the victim’s machine) Most of the other functions that correspond to the specific malware … More

UK critical operators risk £17m fines for poor cybersecurity practices

UK essential service operators risk fines of up to £17 million if they fail to implement robust protections against cyber attack. The penalties will apply to energy, transport, water, digital infrastructure, and health firms. “A simple, straightforward reporting system will be set up to make it easy to report cyber breaches and IT failures so they can be quickly identified and acted upon. It will also cover other threats affecting IT such as power outages, … More

British cryptocurrency traders robbed of Bitcoin at gunpoint

Cryptocurrency heists are usually covert affairs that leave users with empty wallets, but not fearing for their life. Still, there are always some unlucky individuals who get the worst of everything. Case in point: Bitcoin traders Danny Aston and Amy Jay, who were robbed at gunpoint on January 22 in their home in Moulsford, Oxfordshire (UK). The two are directors of Aston Digital Currencies, and Aston traded cryptocurrency online under the pseudonym “Goldiath.” He has … More

Lenovo Fingerprint Manager Pro is full of fail

Lenovo Fingerprint Manager Pro, a piece of software that allows users to log into their PCs or authenticate to configured websites using fingerprint recognition, has been found seriously wanting in the security department. The problems are several: the software contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in. Also, the data it stores – users’ Windows logon credentials and fingerprint data, among other … More

Strava user heatmap reveals patterns of life in western military bases

In November 2017, online fitness tracker Strava published a heatmap of the activity many of its users around the world engage in (and track) daily. But what might have seemed as a harmless sharing of anonymized, aggregated data turned out to reveal potentially sensitive information about (mostly western) military bases and secret sites. The revelation was made and shared over the weekend by Nathan Ruser, an Australian university student and founding member of Institute for … More

Old Bitcoin transactions can come back to haunt you

A group of researchers from Qatar University and Hamad Bin Khalifa University have demonstrated how years-old Bitcoin transactions can be used to retroactively deanonymize users of Tor hidden services. It seems that Bitcoin users’ past transactions – and especially if they used the cryptocurrency for illegal deals on the dark web and didn’t think to launder their payments – may come back to haunt them. Researchers’ findings “We crawled 1.5K hidden service pages and created … More

Facebook, Microsoft announce new privacy tools to comply with GDPR

In four months the EU General Data Protection Regulation (GDPR) comes into force, and companies are racing against time to comply with the new rules (and avoid being brutally fined if they fail). One of the things that the regulation mandates is that EU citizens must be able to get access to their personal data held by companies and information about how these personal data are being processed. Facebook users to get new privacy center … More

Alphabet enters enterprise cybersecurity market, launches Chronicle

Google’s parent company Alphabet has announced its entry into the lucrative enterprise cybersecurity market through Chronicle, a company started in early 2016 as a project at X, Alphabet’s “moonshot factory.” Chronicle has now “graduated” to the status of an independent company within Alphabet, and is led by Stephen Gillett, formerly an executive-in-residence at Google Ventures and Chief Operating Officer of Symantec. VirusTotal, a malware intelligence service acquired by Google in 2012, will become a … More

PCI Council sets security requirements for mobile point of sale solutions

The PCI Security Standards Council has announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf (COTS) devices such as smartphones and tablets. What are we talking about here? Stores that offer customers the possibility to purchase things with their payment card usually have a hardware terminal and PIN entry device. But this can be too pricey an option for small merchants in markets that require EMV chip-and-PIN acceptance. A cheaper option … More

Security in the enterprise: Things are looking up!

Cybersecurity is quickly becoming the number one business priority, says identity and access management company Okta. Based on the results of an analysis of authentication and verification events made through the company’s enterprise offerings between November 1, 2016 to October 31, 2017, security tools by Jamf, KnowBe4, DigiCert, Cisco, Mimecast, Sophos, and CloudFlare all ranked in the top 15 fastest growing apps for the first time. “Jamf, which provides software for managing and securing Apple … More

DuckDuckGo offers new privacy extension and app

DuckDuckGo, the company behind the eponymous privacy-minded Internet search engine, has announced a new browser extension and mobile app: DuckDuckGo Privacy Essentials. DuckDuckGo Privacy Essentials does four things: It makes DuckDuckGo the default search engine (this feature is optional – it can be switched off). Forces websites to serve users with an encrypted version (i.e., HTTPS version) of the site – if it’s available. Blocks all hidden, third-party trackers it can find and provides users … More

Fake cryptocurrency wallet carries ransomware, leads to spyware

People around the world are rushing to acquire all kinds of cryptocurrency, hoping that prices will go up and they will be rolling in money when they sell their investment stash. Criminals have, expectedly, noticed the rush and are doing their level best to cash in on it. The latest attack on cryptocurrency-hungry users comes in the form of fake wallet software carrying ransomware. About the malware Fortinet FortiGuard Labs researchers have spotted and analyzed … More

Intel testing new Spectre fixes, tells everyone to hold off on deploying current firmware updates

Shortly after Red Hat stopped providing microcode to address variant 2 (branch target injection) of the Spectre attack, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors and end users to stop deployment of current firmware updates that fix the same vulnerability (CVE-2017-5715). Red Hat’s decision “Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot. The latest microcode_ctl and … More

Human trafficking victims forced to defraud Chinese computer users

Late last week, the Croatian police executed a coordinated raid on two houses where 59 individuals were confined and forced into defrauding Chinese and Taiwanese computer and smartphone users through a police-ransom-type-of-scheme. According to an announcement by the Croatian Ministry of the Interior, the raids were the result of a months-long joint investigation with the Slovenian National Police and a collaboration with the People’s Republic of China’s police force. The 59 individuals – mostly from … More

British teenager hacked top ranking US officials using social engineering

How did British teenager Kane Gamble, who at the time was only 15 years old, manage to break into email accounts of the CIA and DNI chiefs, as well as gain access to a number of sensitive databases and plans for intelligence operations in Afghanistan and Iran? The answer is social engineering. A day in court Gamble, who was part of Crackas With Attitude (CWA), a group of hackers with a pro-Palestinian agenda, pleaded guilty … More

What has the Necurs botnet been up to?

The Necurs botnet has been slowly growing since late 2012 and still tops the list of largest spam botnets in the world. Since then, the botnet has occasionally stopped or temporarily minimized the sending out of spam but has returned in full force. How big is the Necurs botnet? It’s difficult to say precisely, but the latest information provided by the Cisco Talos team can give a general idea. The researchers analyzed 32 distinct spam … More

Researchers uncover mobile, PC surveillance platform tied to different nation-state actors

The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign that has targeted activists, journalists, lawyers, military personnel, and enterprises in more than 20 countries in North America, Europe, the Middle East, and Asia. They have dubbed the threat Dark Caracal, and have traced its activities to as far back as 2012. The malware used by Dark Caracal The attackers went after information stored on targets’ Android devices … More

G Suite users get a better view of their enterprise security posture

Google is rolling out a new security tool for G Suite Enterprise users: the Security Center. The tool aims to give administrators a better understanding of their organization’s security. The G Suite Security Center Admins get a unified dashboard that shows them important security metrics across services like Gmail, Google Drive, Mobile Management, etc. These metrics show how many messages were encrypted with Transport Layer Security, when were messages marked as malware, how are users … More

What is the impact and likelihood of global risks?

The World Economic Forum, a not-for-profit foundation that each year gathers participants from around the world to discuss a wide range of global issues, has published its yearly Global Risks Report. Based on the opinions of almost 1,000 global experts and decision-makers, the top 5 global risks in 2018 in terms of likelihood are extreme weather events, natural disasters, cyber attacks, data fraud or theft, and failure of climate-change mitigation and adaptation. Cyber attacks and … More

Vulnerability in ISC BIND leads to DoS, patch today!

The Internet Systems Consortium has released security updates for BIND, the most widely used Domain Name System (DNS) software on the Internet, and a patch for ISC DHCP, its open source software that implements the Dynamic Host Configuration Protocol for connection to an IP network. BIND update The BIND update should be implemented as soon as possible: the vulnerability (CVE-2017-3145) can lead to denial-of-service and crash, and instances of that happening have been reported by … More

Abandoned by Microsoft, Equation Editor gets “security-adopted” by micropatch pros

Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. The reason behind the move? A remote code execution vulnerability actively exploited in the wild. About Equation Editor Equation Editor is a (mathematical) formula editor that allows users to construct math and science equations in a WYSIWYG environment. While the software component has not been the default method of creating equations since 2007, it … More

DoS attacks against hard disk drives using acoustic signals

A group of Princeton and Purdue researchers has shown that it’s possible to mount a denial-of-service (DoS) attack against hard disk drives via acoustic signals. Threat severity Hard disk drives (HDDs) have become the most commonly-used type of non-volatile storage due to their increased reliability, fault tolerance, storage capacity, and so on. “These technological advances in HDDs, along with the ever-increasing need for storing the huge amount of data, made them one of the core … More

Phishers target Netflix users, ask for info and photo of their ID

Should you send Netflix a selfie in which you hold your ID card to get your account reinstated? The answer is an emphatic no, but each one of us knows at least one person who would find the request unremarkable and proceed to do it. The campaign The request is the last of several steps of the most recent Netflix-themed phishing campaign, which starts with an email purportedly coming from the streaming company and warning … More

Apple updates iOS security guide

Apple has published an updated version of its iOS security guide, in which it details features introduced in iOS 11.2 (released on December 4, 2017) and iOS 11.1 (October 31, 2017). The company released the first version of the document in June 2012, and has been updating it periodically ever since. New information in the iOS security guide This latest iteration contains more and updated details about Apple Pay Cash, security certifications and programs, … More

Google removes 60+ fake game apps displaying porn ads from Google Play

Google has removed some 60+ game apps from Google Play, as they were found to contain code that either delivered inappropriate and pornographic ads, attempted to trick users into installing fake security apps or into signing up for (paid) premium services. About the apps The offending apps were first flagged by Check Point researchers, who named the threat “AdultSwine.” The threat posed as different game apps – “Drawing Lessons Angry Birds,” “Temple Crash Jungle … More

Meltdown and Spectre: To patch or to concentrate on attack detection?

Patching to protect machines against Meltdown and Spectre attacks is going slow, and the provided patches, in some instances, lead to more problems than just slowdowns. In fact, Intel has admitted that they have “received reports from a few customers of higher system reboots after applying firmware updates.” “Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center,” Navin Shenoy, general manager of Intel’s Data Center Group, confirmed. “We … More

Skype users are finally getting end-to-end encryption

The move was announced on Thursday by Open Whisper Systems, the software organization behind the open source Signal Protocol, which has been implemented by Microsoft to offer the feature. Private Conversations The option, named Private Conversations, is currently being tested by Skype Insiders and has some temporary limitations. Firstly, it can be used to protect audio calls, text messages, and files (images, audio, videos), but not video calls. Secondly, Private Conversations are limited to one-on-one … More