Month: March 2019

0 Comments
A WordPress zero-day in the Easy WP SMTP plugin is actively being exploited in the wild, according to NinTechNet. The plug-in allows site owners using WordPress to both configure and send outgoing emails through an SMTP server, preventing messages from landing in the recipient’s junk folder. By exploiting what is categorized as a critical vulnerability, hackers reportedly
0 Comments
More advice for detecting and avoiding sextortion scams Vox Emptoris: “Voice of the Customer” In my previous post, we examined a particular example of a sextortion scam, showing several indications that it was not a threat to be taken seriously.  But that kind of analysis – point-by-point deconstruction – is relatively hard work, and perhaps not
0 Comments
Brace yourself guys. Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Sounds crazy, right? But it’s true. Microsoft Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well—and to more platforms soon, like Linux. As a result, the technology giant renamed its
0 Comments
A recent study uncovered the availability of SSL/TLS certificates on the dark web that are often packaged with crimeware services designed to help cybercriminals create malicious sites that appear safe. The study, which was conducted by researchers at the Evidence-Based Cybersecurity Research Group at Georgia State University and the University of Surrey, focused on the
0 Comments
After analyzing several previously unknown malicious files that were detected earlier this month, Kaspersky Lab determined the files were a new version of a data stealer known as the AZORult Trojan. Because the files are written in C++, and not Delphi, researchers have dubbed the variant AZORult++. According to researchers, this latest version is potentially
0 Comments
by Paul Ducklin Facebook has just admitted to years of problems with password hygiene by leaking plaintext passwords into logfiles by mistake. Watch this special edition of Naked Security Live… …we answer the questions lots of people have been asking us since we first wrote about this issue: What happened? Was this a blunder or
0 Comments
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients’ chests) that gives a patient’s heart
0 Comments
Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast, where we unpack the numbers behind the headlines. What a Friday. This afternoon (mere hours after we released our regularly scheduled episode no less!), both Pinterest and Zoom dropped their public S-1 filings. So we rolled up our proverbial sleeves and ran through the numbers. If
0 Comments
According to the 2019 State of the Call Center Authentication report from TRUSTID, a Neustar company, one of the most exploited areas in a company’s security chain is the call center. Companies may be investing more in their cybersecurity defenses, but fraudsters are evolving in their tactics. As such, they’ve discovered that by targeting call
0 Comments
European governments have been bringing the hammer down on tech in recent months, slapping record fines and stiff regulations on the largest imports out of Silicon Valley. Despite pleas from the world’s leading companies and Europe’s eroding trust in government, European citizens’ staunch support for regulation of new technologies points to an operating environment that
0 Comments
The UK’s Police Federation of England and Whales (PFEW) was the victim of a malware attack, according to two different tweets posted by the National Cyber Security Center (NCSC) UK and the PFEW. According to the Police Federation, the attack on the PFEW, which represents 119,000 police officers across the 43 forces in England and
0 Comments
More tips for detecting and avoiding sextortion scams Vox Emptoris: “Voice of the Customer” In my previous post, we examined a particular example of a sextortion scam, showing several indications that it was not a threat to be taken seriously.  But that kind of analysis – point-by-point deconstruction – is relatively hard work, and perhaps not
0 Comments
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones. The European Commission accused Google of forcing Android phone manufacturers to “illegally” tie its proprietary apps and
0 Comments
The growth of Airbnb — and likewise other platforms like Booking.com, VRBO and Homeaway for listing and renting short-term accommodation in private homes — has spawned an ecosystem of other businesses and services, from those who make money renting their homes, to cleaning companies that make properties “Airbnb-ready”, to those who help design listings that