Earlier this month, computer security expects dropped a bombshell on the internet. A pair of vulnerabilities titled Spectre and Meltdown that date back to 1995 were putting a wide variety of computers, smartphones and internet browsers at risk.
Tagged With computer security
There are a pair of security flaws present in nearly every device you've got that could allow hackers to steal information like passwords and other personal information. The exploits, Spectre and Meltdown, take advantage of actual flaws in the design of your device's microprocessor.
Mac users running the latest version of Apple's operating system, High Sierra, are susceptible to a pretty huge flaw that could grant anyone with physical access to your Mac unfettered access to everything on your machine. The hack seems to be affecting only macOS High Sierra 10.13 and 10.13.1 versions. Luckily, Apple has now issued a fix.
The USB Killer is infamous (but ingenious). Plug it in, and within seconds your computer is dead, motherboard fried thanks to a high voltage dose of electricity, along with any other nearby components. This video shows you how it works, but the takeaway is clear: Never connect random USB devices to your computer.
Eugene Kaspersky, the CEO and chairman of Kaspersky has revealed that the company will be opening their code to an independent review and they will be opening a number of “transparency centers” in order to try and mend its broken reputation. The company has been accused of either being complicit with or the victim of Russian agencies who have used their end-point security software as a way of injecting spyware onto computers.
A serious Wi-Fi vulnerability was revealed yesterday, affecting nearly every Wi-Fi network and device using WPA or WPA2 security encryption. The Wi-Fi exploit, first reported by Ars Technica, takes advantage of a particular security flaw in the WPA2 wireless security standard, allowing attackers to intercept personal data as well as insert malware into websites a user visited.
Attackers can potentially gain access to encrypted information like usernames, passwords, and credit card data. Luckily, companies are already patching the flaw in order to prevent this potential hack from happening, but you'll need to do a little work on your end and update your devices.
Ransomware attacks are getting more and more clever as the public gets wise to them. The latest involves hiding a malicious macro inside a Word document attached to a seemingly harmless PDF file.
With a little know-how, most phishing scams are pretty easy to detect. This one, on the other hand, is devilishly clever and just might dupe you if you're not careful.
Windows: RansomFree is a new tool that promises to stop ransomware attacks before they can get busy encrypting all of your data. Instead of watching specific processes or trying to use signatures to identify ransomware, it observes the behaviour of running processes instead, warning you when something's up.
Although having a dedicated IT department is either unfeasible or unnecessary for many small businesses, having simple, relevant IT solutions is often still important. Intel has been working on an IT solution called Intel Small Business Advantage which can simplify the IT demands of a business, and even put it in the hands of a single employee -- without needing any special skills.
Antivirus vendor Trend Micro patched its anti-virus offering after being told off by a respected Google security researcher about the severity of the vulnerability. The security flaw allowed the execution of malicious code and passwords stored on the Password Manager component of the Trend Micro antivirus product. The issue was flagged by the researcher, Tavis Ormandy, who became frustrated with the vendor's sluggish response.
Microsoft has added potentially unwanted application (PUA) protection to its enterprise security software offerings to block programs from installing software you didn't want in the first place. PUAs are programs that contains adware, installs toolbars or carries malware that changes your browser settings without your permission. They can be found in a number of consumer and business software bundles online.