What Is Your Anti-Malware Doing?
Published Mar 21 2025 1:35 PM
Anti-malware collects information about us to help keep us safe. But does it collect more information than is necessary for that role? And what does it do with it? This Insight looks at that and provides suggestions to be safer.
Anti-malware information collection
VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme
Published Mar 21 2025 1:32 PM
WordPress is one of cyberattackers' favorite targets. Now we hear of another attack that is using 20,000 WordPress sites to redirect traffic to compromised sites.
WordPress Again
New 'Rules File Backdoor' Attack Lets Hackers Inject Malicious Code via AI Code Editors
Published Mar 21 2025 1:30 PM
Attackers have found a vulnerability in AI-powered code editors. The vulnerability allows the attackers to insert code that performs malicious actions.
AI Code Editors Hacked
Mobile Jailbreaks Exponentially Increase Corporate Risk
Published Mar 21 2025 1:27 PM
Jailbreak means a user has removed or circumvented safety features of their phone. This is popular among people who want to do things that the phones attempt to prevent. New research shows that jailbroken devices are significantly more likely to be infected with malware.
Jailbroken phones have high risk
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
Published Mar 21 2025 1:24 PM
Cisco is a major player in the network space. Attackers have found a way to use the Smart Licensing Utility to stage attacks. These vulnerabilities are serious: 9.78 on CVSS. Cisco has issued patches. Be sure to apply them.
Serious Cisco Vulnerability
One Token To Rule Them All
Published Mar 14 2025 2:22 PM
A token provides access to a single system, application or site. This makes tokens desirable to cybercriminals. Microsoft has issued their Primary Refresh Token that provides access to all the Microsoft services you have permission to use. One token and access to all. This makes them a big target of attackers.
PRT - convenient but dangerous
XCSSET macOS malware variant targets Xcode projects of app developers
Published Mar 14 2025 2:18 PM
A new attack has been found that targets macOS developers using Xcode. It is another example of an attack that doesn’t go after single users but is a supply-chain-style attack, in that it will infect any user of the app.
Developers targeted
Volt Typhoon Strikes Massachusetts Power Utility
Published Mar 14 2025 2:16 PM
In disturbing news, attackers were found in a Massachusetts power utility. As if that isn’t bad enough, they were there for over 300 days before being discovered.
Over 300 days to be discovered
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
Published Mar 14 2025 2:14 PM
Another scam using fake CAPTCHA pages. Be sure before you click. This one deploys a rootkit, which is very dangerous and difficult to remove.
Another fake CAPTCHA scam
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Published Mar 14 2025 2:09 PM
A phishing campaign looks to take advantage of people through bogus emails that appear to come from Booking.com. If you have ever booked on the site, it won’t be a surprise to get an email. But don’t click anything!
Travel bookings phishing
AI Data Poisoning Risks
Published Mar 7 2025 3:20 PM
As reliance on AI systems increases, the integrity of their answers and output must also increase. Poisoning the data will change those results and affect decisions. Some are important only to the company, while others, such as those in the medical field, may affect life and death decisions.
AI data poisoning is serious
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
Published Mar 7 2025 3:19 PM
Supply chain attacks are becoming a preferred attack method. They require breaching only one company but infect every company connected to it.
Another IT supply chain attack
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
Published Mar 7 2025 3:18 PM
WordPress is a popular web platform, and that makes it a popular target for attackers. In this attack, over 1,000 WordPress sites were infected with backdoors, which are hard to find and disable.
WordPress backdoors installed
More than 86K IoT devices compromised by fast-growing Eleven11 botnet
Published Mar 7 2025 3:17 PM
IoT devices are often simple and not well protected. Attackers have turned to them as a way to build botnets. The latest one has over 86,000 compromised devices. A botnet is often used for denial-of-service attacks. With so many devices, the attacks are harder to stop.
IoT devices compromised for botnet
Dozens of Canadians are charged for scamming American grandparents out of $21 million
Published Mar 7 2025 10:57 AM
Grandparent scams have been around for years. They are popular with cybercriminals because grandparents tend to react quickly when receiving a message they believe is from a grandchild in trouble.
Grandparents make good targets