Tagged With security

6

Why try to trick you into installing malware when you'll do it voluntarily? That was the tactic used by attackers who infiltrated Avast's servers and planted malicious software into CCleanup 5.33 recently. The malware was detected by Cisco Talos during some routine beta testing of their updated detection engine.

6

There are few feelings worse than having the sanctity of your home violated by thieves. It's not just the loss of valuable possessions, but that a stranger has completely violated your personal space. This is what happened to someone I know yesterday. But what might sound like a run-of-the-mill break-and-enter was far smarter and will have lasting implications for those involved.

0

When Arnold brought the Terminator to life, we were all worried that steroid-driven Austrian bodybuilders were going to take over the world and kill us all. But it turns out we should be more worried about what we invite between the sheets. A security researcher from Deakin University, Dr Nick Patterson, says that a breached sex-bot could turn on its owner. This is definitely not the droid you're looking for.

45

You might know what a virtual private network (VPN) is, but the odds of you actually using one are low. You really should be using a VPN — ultimately, you may end up seeing it as just as vital as your internet connection. We'll tell you why, explain how to choose a VPN provider and list five that are worth considering.

6

It's Force Friday and that means we get to celebrate all things Star Wars. But as well as some awesome new toys from Sphero and the revelation of new details of the upcoming movie, The Last Jedi, it's a chance to look back and pick up a few tips for successfully managing IT in this galaxy.

0

The United States Congress recently voted to repeal a set of regulations preventing Internet Service Providers (ISP) from selling your browsing info to third parties without your permission, setting an ominous tone for the future of net neutrality worldwide. That's why VPNs have surged in popularity as one of the last lines of defense for private browsing. While there are plenty of providers to choose from, few can match what Private Internet Access brings to the table.

3

Over the weekend, yet another list of potentially vulnerable IoT devices was made public. It was viewed by over 20,000 people before Pastebin removed the list of devices that responded to Telnet sessions that were secured either with default credentials such as admin/admin or not secured with any authentication at all. Which begs the question, why do some people continually shoot themselves in the foot when it comes to securing these devices?

2

The Black Hat and DEFCON events bring together the black, white and grey hat communities to share information about what's really what when it comes to information security. Thycotic surveyed attendees at this year's Black Hat conference to find out what works and doesn't work when it comes to protecting data.

2

A hacker, going by the Twitter handle @xerub, claims to have broken part of the security around Apple's Secure Enclave. The hacker has published a decryption key that weakens (but doesn't totally compromise) a core part of Apple's security model for iOS devices.

0

Ransomware attacks are an everyday occurrence. Whenever I speak to people at security events, almost every single company has been hit in some way. Some only find out about it when users call the internal help desk because they're "curious" about Bitcoin but others are hit far harder.

0

Dropbox has jumped on the two-factor authentication (2FA) bandwagon with changes to their mobile app. Now, when an attempt is made to log into your Dropbox account, a notification is sent to your mobile device where you can tap a button to authenticate your identity. There's no code to enter.

0

You'd think flipping burgers is about as far from cybersecurity as you can possibly get. But when you're in charge of risk and compliance for a chain of over 500 burger places across the North American continent, you take governance, risk and compliance very seriously. Merlin Namuth is in charge of all that for Red Robin Burgers. I spoke with him at the recent RSA Conference held in Singapore.

0

Security researcher Abhinav Singh works with security firm Netskope and is the author of the Metasploit Penetration Testing Cookbook and Instant Wireshark. I spoke with him at the recent RSA Conference Held in Singapore about how the cloud is the new vector being exploited by threat actors.

0

Classic decluttering advice - the kind of stuff you've been reading on Lifehacker for years - starts with getting rid of what you don't use or need. But are you applying the same principle to your systems? A demonstration of an old vulnerability in SMB 1at DEFCON highlights this, with a Windows Server rendered useless by a Raspberry Pi and a few lines of code. Beneath the surface of your apps, lie dangerous vulnerabilities.