Security is one of the most significant considerations when owning any technology, as you can lose data and finance if not careful. You’ll find articles here that cover various apps and options, threats to browser and device security, and some tips.

deceptive site warning

Massive Fake Website Campaign Spreading Malware detected

Security researchers have detected a big malware campaign that is using fake websites to impersonate popular products and brands to spread malware. So-called typosquatting attacks register domain names that resemble the domain […]

security update guide rss

Microsoft adds RSS feed support to its Security Update Guide service

Microsoft's Security Update Guide site is a core service when it comes to information about security information and updates that Microsoft releases. Up until now, users could sign-up using an account to […]

user onedrive folder

OneDrive DLL Sideloading vulnerability exploited in the wild

Security services provider BitDefender published information about a DLL sideloading vulnerability of OneDrive that is exploited in the wild. According to the information, malicious actors exploit the vulnerability to mine cryptocurrency on […]

maigret username search

Maigret: create user dossiers based on username searches on thousands of sites

Maigret is an open source cross-platform tool to create profiles on users using just username searches. The program is free to use and does not require any APIs or configuration. The command […]

lastpass august 2022 security incident

LastPass provides details on August 2022 hack

LastPass informed customers about a security breach on the company's official blog in August 2022. This week, the company published additional information about the hack after its investigation. Back in August 2022, […]

Microsoft Teams is storing authentication tokens in cleartext

Microsoft Teams is storing authentication tokens in cleartext

A security vulnerability has been discovered in Microsoft Teams. A report that was published by security firm Vectra, reveals that Microsoft Teams is storing authentication tokens in cleartext. Microsoft Teams security issue […]

username generator

Bitwarden password manager adds Fastmail email forwarding support

Bitwarden is a popular choice when it comes to password managers. A late entry to the niche, it is open source, free for personal use and does not restrict functionality artificially for […]

hp support assistant vulnerability

HP Support Assistant has a DLL Hijacking Vulnerability

HP Support Assistant is a software program that is included on HP computers and notebooks. The program is also available as a standalone download; customers who use HP peripherals, such as printers […]

Windows Defender notifications about Win32/Hive.ZY virus were false positives

Windows Defender notifications about Win32/Hive.ZY virus were false positives

Many users have reported that Windows Defender had notified them about a Win32/Hive.ZY virus on their computer. Microsoft has confirmed that a bug was causing the issue, and has fixed it. Windows […]

lastpass august 2022 security incident

LastPass discloses August 2022 security breach

LastPass, maker of the popular password management solution, disclosed a security breach on the company blog. According to the published information, LastPass noticed "unusual activity" about two weeks ago in the development […]

Plex warns users to change their passwords after a data breach

Plex warns users to change their passwords after a data breach

The streaming media platform, Plex, has revealed that it has been impacted by a data breach. The company has advised users to reset their passwords to protect their accounts. Plex data breach […]

intel processor identify vulnerable

Security vulnerabilities found in Intel and AMD processors

Security researchers have discovered vulnerabilities in Intel and AMD processors that may lead to information disclosure. Most Intel 10th, 11th and 12th generation processors are affected by a new vulnerability that the […]

paypal fake phishing invoice

Your next Phishing email may come straight from PayPal

Malicious actors have started to exploit a loophole in the defenses of many home users, organizations, email and security services, to send out phishing emails from legitimate services. Threat actors have found […]

aitm phishing campaign

Another phishing attack that bypasses multi-factor authentication targets Microsoft email users

Cybersecurity research analysts at Zscaler have uncovered a new large-scale phishing campaign targeting Microsoft email users. The main targets of the campaign are corporate users, specifically end users in Enterprise environments that […]

nvidia geforce security update windows 7 8

Nvidia releases security update for unsupported Windows 7 and 8.1 systems

Nvidia ended support for Microsoft's Windows 7 and 8.1 operating systems in 2021 officially. The company announced that it would release critical security updates for unsupported systems until September 2024. Nvidia released […]

libreoffice version

LibreOffice security update fixes macro execution bypass and potential password leaking

The developers of LibreOffice have released updates for the open source Office suite to patch three security issues. LibreOffice is a popular cross-platform Microsoft Office alternative that is available for Windows, macOS […]

RememBear password manager is shutting down in July 2023

RememBear password manager is shutting down in July 2023

RememBear is shutting down in July 2023. The password manager service was launched by TunnelBear Inc., in 2017. The VPN provider was acquired by McAfee in 2018. What happened to RememBear? An […]

OpenDocument text files (.odt) malware campaign discovered

Security researchers at HP Wolf Security managed to isolate a malware campaign that used OpenDocument text files for distribution. This particular campaign was part of a larger one that was targeting the […]

phishing site

Office Phishing Attack circumvents multi-factor authentication

Microsoft security researchers and engineers discovered a massive phishing attack that has been targeting more than 10,000 organizations since September 2021. The malicious actors used adversary-in-the-middle (AiTM) phishing sites to steal passwords […]

Patches for new Retbleed AMD and Intel microprocessor vulnerability may have significant overhead

Certain microprocessors from Intel and AMD are vulnerable to a new speculative execution attack related to Spectre Variant 2.  Attacks may be used to leak data from kernel memory and mitigations may […]

Bitwarden to add support for passwordless login to vault, autofill for other desktop apps

The Bitwarden roadmap for 2022 has been updated, the company plans to implement some interesting features in its password manager. Bitwarden to add support for passwordless login One of the upcoming features […]

fake microsoft office sig in webview2 keylogger

New Windows Phishing Method gives attackers access to cookies and more

The rise of two-factor authentication added a new layer of security to the authentication process on the Internet. Attacks designed to steal user credentials are still common, but many fall short because […]

adobe acrobat reader security compatibility issue

Report: Adobe Reader is blocking antivirus tools from scanning loaded PDF documents

Adobe is blocking several antivirus tools actively from scanning PDF documents loaded by its Adobe Acrobat Reader application, according to a security report published by Minerva Labs. The company found evidence that […]

ransomware data disclosure

Rapid7 research reveals which data ransomware groups seek and use for leverage

When it comes to ransomware attacks, some data is more precious to ransomware groups as others. A new research study by Rapid7, Pain Points: Ransomware Data Disclosure Trends, provides insight on the […]

microsoft defender standalone

Microsoft Defender for Android, Apple iOS and macOS, and Windows now available

Microsoft Defender, the default security application on Windows, is now available as a standalone solution for the mobile operating systems Android and iOS, for Apple's macOS operating system, and for Windows. Microsoft […]

Intel Firmware updates for Memory Mapped I/O security vulnerabilities

Intel released new firmware updates to address Memory Mapped I/O security vulnerabilities. Intel and Microsoft published advisories this week to inform system administrators about the issues. Microsoft customers may visit the Adv220002 […]

browser privacy tests

PrivacyTests reveals how your web browser does privacy-wise

All web browsers support some privacy features, some more than others, but none protect users 100% against all privacy threats; that is the quintessence of the tests that PrivacyTests runs regularly. PrivacyTests […]

chrome cleartext passwords cookie data

Your browser stores passwords and sensitive data in clear text in memory

Your web browser may store sensitive data, including usernames, passwords and session cookies in clear text in memory according to CyberArk security researcher Zeev Ben Porat. Most Chromium-based web browsers appear to […]

cloudsek phishing

Phishing: use of reverse tunnel services to avoid detection and shutdown increases

Security researchers at CloudSEK have noticed an increase in the use of reverse tunnel service and URL shorteners in phishing campaigns. Cyber criminals use services such as, Ngrok or LocalhostRun to […]

LastPass introduces passwordless Vault access

LastPass, maker of the password management service, introduced support for accessing a customer's Vault using passwordless technology in June 2022. Passwordless account systems use other means of authentication to provide users with […]

windows-disable troubleshooting wizards

Here is how to protect Windows PCs from Protocol vulnerabilities

Two days ago, security researchers disclosed a vulnerability in the Microsoft Support Diagnostic Tool that affects all client and server versions of the Windows operating system. The tool, designed as a tool […]

How to use Bitwarden with SimpleLogin or AnonAddy

Bitwarden's username generator now supports SimpleLogin, AnonAddy, and Firefox Relay email alias services

Bitwarden has updated its browser extensions and Web Vault to improve its username generator. The cloud-based password manager introduced the feature in April 2022. What's new in Bitwarden 2022.05.0 Update Bitwarden now […]

Pre-hijacking Attacks of user accounts are on the rise

Most computer users are aware that criminals may gain access to their online accounts, for instance, by stealing or guessing the password, through phishing or other forms of attack. Many may not […]

pwn2own 2022

Pwn2Own 2022: Windows 11, Ubuntu, Firefox, Safari, Tesla and more hacked

The hacking event Pwn2Own took place from May 18 to May 20 of 2022. This year, security researchers managed to hack Windows 11 and Ubuntu, Firefox, Safari, Microsoft Teams, a Tesla and […]

form data leaks organization

Trackers may collect data that you type even before hitting submit

Many websites come with web forms, for example, to sign-in to an account, create a new account, leave a public comment or contact the website owner. What most Internet users may not […]

nvidia security update

Nvidia releases security update for out-of-support GPUs

Nvidia published a security bulletin on May 16, 2022 in which it informs customers about a new software security update for the Nvidia GPU display driver. The update patches security issues in […]

malware attack event log windows

New malware attack stores payloads in the Windows event log

Security researchers have uncovered new malware that is using the Windows event log to store to store malicious codes. The researchers note that this is the first time the technique has been […]

microsoft passwordless account

Google, Microsoft and Apple commit to passwordless sign-in standard

Google, Microsoft and Apple have announced support for expanding passwordless sign-in support across major operating systems and devices. The three companies announced plans on May 5, 2022 to support a passwordless sign-in […]

april 2022 performance test windows av comparatives

AV-Comparatives: Microsoft Defender has a large impact on system performance

Security research and testing company AV-Comparatives released the results of its April 2022 Performance test. The test analyzed the system performance impact of antivirus solutions on Windows devices. The company ran a […]

windows ransomware protection

Ransomware Study 2022: attacks are up, ransom payments are increasing

Ransomware attacks are increasing and getting more complex, according to the State of Ransomware 2022 report, which cybersecurity firm Sophos published. Companies are getting better at restoring data after attacks, but ransom […]



Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up