30
Jan

More Than 2000 WordPress Sites Found to be Infected With Key-Logging Malware

Posted by on · · · | Blog · News

The security desk at Ars Technica is reporting on a new attack where more than 2000 WordPress sites were infected with malware that can capture keystrokes (and passwords) within the administrative control panel. It also installs an in-browser crypto-currency miner that hijacks the computers of site visitors to run silently in the background. Side effects […]

Read More
12
Jan

Meltdown and Spectre: The Pain Has Only Just Begun

Posted by on · · · | Blog · News

Ars Technica has published an excellent in-depth article detailing how the upcoming software and hardware patches designed to deal with the Meltdown and Spectre vulnerabilities will likely have a negative impact on computer performance. To recap: modern high-performance processors perform what is called speculative execution. They will make assumptions about which way branches in the code […]

Read More
29
Dec

Web Trackers Exploit Browser Login Managers

Posted by on · · · | News

Another day, another online hack, or so it seems. Whether it’s the Yahoo! password grab, or the Equifax data breach, we know that we need to secure our passwords online. Just when you thought you had done everything to be save online, we now learn of one more way your data is not safe. A […]

Read More
27
Dec

Critical Vulnerability Patched in Mozilla Thunderbird

Posted by on · · · | News

Via Ars Technica: Mozilla has recently released a major upgrade to the Thunderbird email client that addresses a critical buffer-overflow vulnerability that was discovered earlier this year: The bug, rated critical by the Mozilla Foundation, is CVE-2017-7845, which is a buffer overflow vulnerability affecting only Windows users. “A buffer overflow occurs when drawing and validating […]

Read More
03
Nov

Westlaw: Blockchain 101

Posted by on · · · · · | News

Thomson Reuters (aka: Westlaw) has a introductory primer up on the increased use of blockchain technologies in both the financial and legal sectors. Blockchain 101 [Note: The article is partially pay-walled, so to read the full piece you will need a Westlaw login.]

Read More
25
Oct

New Ransomware, Dubbed “Bad Rabbit”, Strikes Europe

Posted by on · · · · | News

Endgadget is reporting on a new malware attack underway in in Europe. Dubbed “Bad Rabbit”, the attack takes advantage of widely known flaws in Adobe’s Flash product to trick users into downloading a fake update from a compromised web site. Once installed, the update encrypts user files, rendering them inaccessible until a ransom demand of […]

Read More
17
Oct

KRACK Attack Opens Your Wi-Fi Networks to Snooping

Posted by on · · · · · | News

Mathy VanHoef, a researcher with the imec-DistriNet Research Group at University of Leuven, Belgium has released a paper titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 which details a major vulnerability in the WPA2 wireless security protocol. Per VanHoef’s release notes: [A]ttackers can use this novel attack technique to read information that was previously […]

Read More
05
Oct

Yahoo!’s 2013 Data Breach Was FAR Worse Than Reported

Posted by on · · · | News

Via Bloomberg: “Yahoo! Triples Likely Scope of 2013 Hack to 3 Billion Users” If you’ve ever had a Yahoo! account, the following sentence is not going to help your blood pressure: Yahoo, the internet company acquired by Verizon Communications Inc. this year, now believes a 2013 security breach exposed all 3 billion of its users […]

Read More
06
Sep

October is National Cyber Security Awareness Month

Posted by on · · | News

October is National Cyber Security Month, and this year the National Cyber Security Alliance have teamed up with the  folks from SANS to put together a Cyber Security Awareness Toolkit. The kit includes a planning matrix, email templates, posters, videos, and a host of activities designed to encourage and increase participation in the field of […]

Read More
05
Sep

IS Google Fiber Dying?

Posted by on · · | News

Over at Motherboard, Kayleigh Rogers revisits the first community to pilot Google’s Fiber and takes note of the fact the once-promised future of broadband has, apparently, been put on-hold: Thousands of customers in KC who had pre-registered for guaranteed service when Fiber made it to their neighborhood were given their money back earlier this year, […]

Read More