Malware found in over 100 signed Windows drivers
Yesterday's security updates for Windows and other Microsoft products came with an advisory regarding the malicious use of Microsoft signed drivers. Security researchers at Sophos, Trend Micro and Cisco informed Microsoft about […]
"Big Head" ransomware fakes Windows Update to trick users
Security researchers at FortiGuard Labs have discovered a new type of ransomware that is targeting home computer users. Dubbed Big Head, the ransomware fakes Windows Update to avoid detection. The researchers note […]
RustBucket malware: A PDF could finish your Mac
Cybersecurity research conducted by the illustrious team at Elastic Security Labs has brought to light a virulent new strain of the RustBucket malware, a notorious enemy of macOS-powered devices. It appears the […]
Proton Pass password manager leaves beta: here is our take
Proton, the organization behind Proton Mail, VPN and other services, has released the first stable version of Proton Pass today after a beta period. Proton Pass is an open source password manager […]
Microsoft Teams vulnerability discovered to bypass file sending restrictions
A newly discovered vulnerability in Microsoft Teams allows attackers to push malware onto the devices of other Microsoft Teams users, even if they are considered external. IT security researchers at Jumpsec have […]
Some LastPass users are locked out of their accounts after trying to reset their authenticator app
Password management service LastPass started to prompt its customers to reset their two-factor authentication method on May 9th, 2023. The company upgraded account security at the time by raising the number of […]
1Password adds Telemetry to its password manager, but it is opt-in, sort of
The makers of the password management service 1Password announced the rollout of what they call a "privacy-preserving telemetry system" in the application today. Telemetry collects usage data and many applications and all […]
Asus releases firmware updates for routers to address critical security issues
Asus has released new firmware for a wide range of its routers that address nine different security issues, some of which rated critical. The company encourages customers to install the firmware update […]
New Bitwarden update fix a huge vulnerability on Windows.... update now!
The open source Bitwarden password manager supports biometric authentication. Windows Hello is supported on Windows, so that users may use biometric authentication to access their passwords and other vault data. Up until […]
KeePass password manager update improves security
Dominik Reichl, the lead developer of the KeePass password manager, has released KeePass 2.54 to the public. The new version of the application improves security in several meaningful ways, and it addresses […]
MOVEit file transfer vulnerability exploited by hackers
Security researchers have discovered that threat actors are using a serious zero-day flaw in the MOVEit file transfer product in a number of client scenarios. According to BleepingComputer, MoveIt Transfer from Progress Software […]
Critical vulnerability in Gigabyte Motherboards discovered
Millions of PC devices with Gigabyte motherboards are in danger. Researchers at Eclypsium have discovered backdoor-like tools in hundreds of Gigabyte motherboard models. The legitimate tools are used by Gigabyte for updating […]
1Password tightens the thumbscrews for users of the old version of the password manager
Password management service 1Password has deleted the classic browser extensions from the Google Chrome Web Store and Mozilla's Firefox Add-ons repository. The company announced the end of support for the classic browser […]
Password manager Bitwarden will soon be able to store passkeys
Bitwarden users will be able to save, store and manage passkeys in the password manager this summer, according to a new announcement on the official Bitwarden blog. Passkeys is a new authentication […]
Do you know which data breaches you have fallen victim to?
In today's digital landscape, the security of personal information is an ever-present concern. The ubiquity of data breaches raises questions about the extent to which identities are exposed and vulnerable. While high-profile […]
Your KeePass Master Password may be at risk, but a fix is coming
A recently disclosed vulnerability in the KeePass password manager may be exploited to retrieve the master password. The vulnerability, CVE-2023-32784. indicates that the master password may be recovered from system memory dumps, […]
237,000 US government employees affected by data breach
According to a recent report, a data breach at the United States Department of Transportation (USDOT) led to the leak of personal information of 237,000 current and past federal government employees. A […]
Virustotal expands AI security scans to AutoHotkey and other scripts
Google launched VirusTotal Code Insight in April 2023 to expand the functionality of its malware detection and analysis platform. Up until now, VirusTotal could tell its users whether antivirus engines considered a […]
Microsoft's cloud services are scanning password protected ZIP archives
Microsoft cloud services, including OneDrive and SharePoint, have started to scan password protected ZIP archives that users upload or share using these services. Internet users have a number of options when it […]
Toyota Japan confirms decade-long security breach
Toyota Japan has confirmed that due to a cloud misconfiguration, the personal and vehicle information of 2.15 million users was leaked on the internet. Moreover, the information has been on the internet […]
Google's .zip Top Level domain is already used in phishing attacks
Google released the top-level domain .zip to the public recently, which means that interested organizations and users may register .zip domains. Cyber criminals are already using .zip domains in phishing campaigns. According […]
Data breach alert: Intel confronts massive security incident
MSI lost up to 1.5TB of sensitive data due to a security compromise, but it is not the only company facing issues. Because of the MSI data breach back in March, Intel […]
Should you protect your Google Account with a passkey instead of a password?
Last week, Google unlocked the ability to create passkeys to protect Google Accounts and to switch to using passkeys instead of passwords for protection. The question that Google customers may have is […]
Microsoft Defender Antivirus had highest system load impact in latest AV-Test
Modern Windows operating systems include Microsoft Defender Antivirus by default. The security component is enabled by default, but it will turn itself off for the most part if an administrator installs another […]
Western Digital informs customers that hackers stole personal data
Western Digital customers who have used the company's Western Digital online store may have had personal information stolen by hackers. The company revealed in early April 2023 that it suffered a security […]
1Password: Passkey support is coming in June
1Password revealed plans this week to launch passkeys support in June 2023. The announcement was published on the same day that Dashlane, another password service, announced support for passwordless sign-ins as well. […]
Password Manager Dashlane wants to eliminate the master password
Password management service Dashlane announced plans to eliminate the master password; this password is used currently to unlock a user's vault at the service. The company announced support for passkeys in its […]
Protect your money: AT&T email accounts under attack by hackers
A recent report says that hackers have been breaking into email addresses provided by AT&T and stealing huge amounts of cryptocurrency. According to a report from Tech Crunch, unknown hackers have been […]
Why you shouldn't turn on Google Authenticator's cloud sync feature
Google Authenticator is a popular two-factor authentication app to create codes for authorization processes. Up until now, Google Authenticator did not sync codes across a customer's devices, which meant that customers had […]
VirusTotal Code Insight: AI-powered malware analysis feature
VirusTotal announced the launch of Code Insight, a new feature of the malware detection and analysis platform, which uses AI to analyse code and provide information on detected threats. One of VirusTotal's […]
Ireland is the next country to ban TikTok
According to a report by The Irish Times, the National Cyber Security Centre (NCSC) has instructed employees of government departments and agencies to remove TikTok from their work-related devices following a thorough […]
Proton Pass: new password manager announced
Proton, the Switzerland-based company known for its Proton line of products, including Proton Mail, Proton VPN and Proton Drive, announced the launch of Proton Pass today. Proton Pass is a password manager […]
1Password ending support for classic browser extensions
1Password is a popular commercial password management solution. Agile Bits, the company behind the product announced a change recently that affects all users who still use classic extensions. Broken down to its […]
Microsoft's new naming convention for threat groups sound like an order at a cocktail bar
Strawberry Tempest, Night Tsunami, Aqua Blizzard or Circle Typhoon sound like something that you would order in a Cocktail bar, or a fancy coffee joint. These deliciously sounding constructs are, however, not […]
KeePassXC security audit published, recommends this security setting
KeePassXC is a popular password manager for Windows, Mac and Linux that uses the KDBX file format from the password manager KeePass. The developers of KeePassXC have published the results of a […]
Western Digital hackers claim to have copied 10TB of company data
Western Digital confirmed a network security incident earlier this month, but did not reveal much in terms of information, as the investigation was still ongoing at the time. The company did shut […]
Kodi confirms user forum data breach
Kodi, maker of the popular entertainment center app, confirmed a data breach of its user forum software earlier this week. The development team became aware of the hack after a dump of […]
FBI warns: avoid public charging stations
The Federal Bureau of Investigation has issued a warning against using public phone and tablet charging stations. Bad actors are using manipulated stations to infect phones and other connected devices with malware. […]
The impact of remote work on cybersecurity: Tips for staying safe
Remote work has seen an incredible boost during the pandemic. As governments and organizations scrambled to get things under control, many workers and students suddenly found themselves in quite the different work […]
MSI warns against installing unofficial firmware after suffering a cyberattack
MSI confirmed that it has become the victim of a cyberattack on Friday. The company published a short statement on its official site about the incident. In it, MSI describes that its […]