Why try to trick you into installing malware when you'll do it voluntarily? That was the tactic used by attackers who infiltrated Avast's servers and planted malicious software into CCleanup 5.33 recently. The malware was detected by Cisco Talos during some routine beta testing of their updated detection engine.
Tagged With security
The writing has been on the wall for FTP for years now and while it'll continue to serve an important role for the web behind the scenes, a browser isn't the best way to interact with the protocol. Debian will give it the punt in a couple of months and now Google will soon flag FTP sites as "not secure".
There are few feelings worse than having the sanctity of your home violated by thieves. It's not just the loss of valuable possessions, but that a stranger has completely violated your personal space. This is what happened to someone I know yesterday. But what might sound like a run-of-the-mill break-and-enter was far smarter and will have lasting implications for those involved.
When Arnold brought the Terminator to life, we were all worried that steroid-driven Austrian bodybuilders were going to take over the world and kill us all. But it turns out we should be more worried about what we invite between the sheets. A security researcher from Deakin University, Dr Nick Patterson, says that a breached sex-bot could turn on its owner. This is definitely not the droid you're looking for.
You might know what a virtual private network (VPN) is, but the odds of you actually using one are low. You really should be using a VPN — ultimately, you may end up seeing it as just as vital as your internet connection. We'll tell you why, explain how to choose a VPN provider and list five that are worth considering.
The United States Congress recently voted to repeal a set of regulations preventing Internet Service Providers (ISP) from selling your browsing info to third parties without your permission, setting an ominous tone for the future of net neutrality worldwide. That's why VPNs have surged in popularity as one of the last lines of defense for private browsing. While there are plenty of providers to choose from, few can match what Private Internet Access brings to the table.
Over the weekend, yet another list of potentially vulnerable IoT devices was made public. It was viewed by over 20,000 people before Pastebin removed the list of devices that responded to Telnet sessions that were secured either with default credentials such as admin/admin or not secured with any authentication at all. Which begs the question, why do some people continually shoot themselves in the foot when it comes to securing these devices?
We've grown accustomed to apps and even operating systems collecting data about usage and trends and sending it back to the appropriate mothership. What's more unusual (but very much appreciated) is when a company provides a heads-up about its collection plans, something Mozilla communicated last week for Firefox.
The Black Hat and DEFCON events bring together the black, white and grey hat communities to share information about what's really what when it comes to information security. Thycotic surveyed attendees at this year's Black Hat conference to find out what works and doesn't work when it comes to protecting data.
You'd think flipping burgers is about as far from cybersecurity as you can possibly get. But when you're in charge of risk and compliance for a chain of over 500 burger places across the North American continent, you take governance, risk and compliance very seriously. Merlin Namuth is in charge of all that for Red Robin Burgers. I spoke with him at the recent RSA Conference held in Singapore.
Classic decluttering advice - the kind of stuff you've been reading on Lifehacker for years - starts with getting rid of what you don't use or need. But are you applying the same principle to your systems? A demonstration of an old vulnerability in SMB 1at DEFCON highlights this, with a Windows Server rendered useless by a Raspberry Pi and a few lines of code. Beneath the surface of your apps, lie dangerous vulnerabilities.