Security

Security is one of the most significant considerations when owning any technology, as you can lose data and finance if not careful. You’ll find articles here that cover various apps and options, threats to browser and device security, and some tips.

bitdefender 2018 interface

Bitdefender 2018 changes

Bitdefender released a refresh of the company's Bitdefender product line yesterday that improves it in several key security areas. Bitdefender Total Security 2018, Bitdefender Internet Security 2018 and Bitdefender Antivirus Plus 2018 […]

bitdefender home scanner

Bitdefender Home Scanner review

Bitdefender Home Scanner is a free program by security company Bitdefender that scans devices on local networks for security issues. The need for security has expanded with Internet of Things being a […]

kaspersky virusdesk

Kaspersky VirusDesk: online file and link scanner

Kaspersky VirusDesk is a free service by Russian security firm Kaspersky that enables you to scan files or links for viruses and other threats. While most computer users would probably agree that […]

travel mode enabled

A look at 1Password's Travel Mode

AgileBits, makers of the 1Password password manager, introduced a new Travel Mode feature in recent versions of the program for paying customers. This new mode hides password vaults when you enable it, […]

keylogger hp

Your HP device might have a keylogger installed

Fresh from Switzerland comes a report from security firm modzero AG about a keylogger in audio drivers of certain HP devices. The keylogger is built-into the driver, records all keystrokes made by […]

intel vulnerability

Detect and Mitigate Intel AMT vulnerability

A recently disclosed vulnerability in Intel products using Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability gives attackers remote access to the manageability features supported by these products. […]

portrait display

Portrait Display service makes millions of HP, Fujitsu and Philips notebooks vulnerable

Security researchers at Sec Consult discovered a vulnerability in Portrait Display, a software used by OEMs such as HP and Fujitsu on millions of notebooks. Portrait Display SDK Service is used by […]

apple phishing punycode

Punycode Phishing Attack fools even die-hard Internet veterans

There are only a handful of rules that you need to know to counter any phishing attack that you may be exposed to on the Internet, right? Check the web address and […]

ADVERTISEMENT
are you identifiable

Are you identifiable by extensions, logins and your browser?

Are you identifiable is a new web service that answers whether Internet sites may identify you based on your extensions, logins, and web browser. Online privacy is a hot topic, and making […]

avira prime

Avira Prime: first look at Avira's new premium service

Avira Prime is a new subscription-based service by security company Avira that can best be described as a cross-platform all-in-one service. First, the basics: Avira Prime is available for 9.95 € per […]

lastpass 4.1.42 exploit

Full Last Pass 4.1.42 exploit discovered

Tavis Ormandy, a prolific member of Google's Project Zero initiative, revealed that he discovered a new security issue in LastPass 4.1.42 (and maybe earlier). Ormandy revealed that he discovered an exploit, but […]

pwn2own 2017

Pwn2Own 2017: Windows, Ubuntu, Edge, Safari, Firefox exploited

The tenth anniversary of the Pwn2Own gathering of hackers, Pwn2Own 2017, saw eleven teams attempt to exploit products across four categories. The products that teams were allowed to target this year included […]

android password managers

Security issues found in nine password managers for Android (LastPass, Dashlane..)

Security researchers of the Fraunhofer Institute found severe security issues in nine password managers for Android that they analyzed as part of their research. Password managers are a popular option when it […]

cloudflare security issue cloudbleed

CloudBleed: check if you visited sites affected by CloudFlare's security issue

CloudBleed is the unofficial name for a security issue discovered on February 17th, 2017 that affected CloudFlare's reverse proxies. CloudFlare is a large provider that is used by more than 5.5 million […]

edge ie vulnerability

Google discloses Edge and IE vulnerability

Google disclosed a security vulnerability in Microsoft Edge and Internet Explorer yesterday that Microsoft failed to patch up until now. This is the second vulnerability that Google disclosed this mean. Last week, […]

gdi32 dll vulnerability

Google discloses another unpatched Windows vulnerability

Google Project Zero member Mateusz Jurczyk disclosed a gdi32.dll vulnerability in the Windows operating system to Microsoft on November 16, 2016. The report itself is quite technical and it would go too […]

cross browser fingerprinting

Researchers develop cross-browser fingerprinting technique

Researchers have developed a cross-browser fingerprinting technique that uses operating system and hardware level features. Fingerprinting has been limited for the most part to individual web browsers in the past. If a […]

smb zero-day windows

SMB Zero-Day affects Windows 8, 10 and Server

The United States Computer Emergency Readiness Team (US-CERT) published a vulnerability note yesterday about a new zero-day vulnerability affecting Microsoft Windows 8, 10 and Server editions. It reads: Microsoft Windows contains a […]

malwarebytes 3.0.6

Malwarebytes 3.0.6 with stability and performance improvements

Malwarebytes 3.0.6 is the latest version of the popular security program for Windows that is available as a free and premium version. The company, also called Malwarebytes, released version 3.0 of the […]

rel noopener browser issue

Web Security: add rel=noopener to external links

Don't touch my tabs! (rel=noopener) is a Firefox add-on that adds rel="noopener" to external links on sites open in Firefox automatically. Noopener_by_default is a userscript that does the same for links. Did […]

gmail phishing

Beware: new sophisticated Gmail phishing attacks

Researchers have discovered a new phishing attack that is currently underway that is targeting Google Gmail accounts in a sophisticated way. What's interesting about this specific attack is that it uses a […]

whatsapp security notifications

WhatsApp Security: make this change right now!

Security researchers found a backdoor in the popular messaging application WhatsApp recently that could allow WhatsApp to intercept and read user messages. Facebook, the owner of WhatsApp, claims that it is impossible […]

Microsoft: Windows 10 Bitlocker is slower, but also better

If you encrypt the hard drive of a computer running Windows 7, and then on the same computer running Windows 10, you will notice that the encryption process is faster on Windows […]

chrome disable autofill

Browser Autofill data may be phished

Most modern web browsers support comfortable features like auto-filling forms on sites using data that you have entered in the past. Instead of having to enter your name, email address or street […]

ransomware simulator

RanSim: Test ransomware attacks on your Windows PC

Ransim is a ransomware simulator for Windows that simulates attacks of ten ransomware families against the computer system. Ransomware is without doubt a relatively new threat category that has gained some prominence […]

netgear router update

Netgear releases first final firmware updates for router security issue

Netgear has released the first batch of production firmware fixes for company routers affected by a serious security vulnerability. Cert issued a warning on December 9, 2016 that several Netgear routers are […]

avira password manager

Avira Password Manager review

Avira Password Manager is a new security product by German company Avira which is probably best known for its antivirus offerings. The password manager niche is crowded, and if you want to […]

malwarebytes free anti exploit

Malwarebytes Anti-Exploit Standalone information

Malwarebytes 3.0, released a couple of days ago, marks a big jump from the company's previous policy of releasing individual security tools. Instead of offering Malwarebytes Anti-Malware, Anti-Exploit and Anti-Ransomware as individual […]

password leak

Password Use Study: massive reuse of passwords

A recent password use study by the German Hasso-Plattner-Institute of roughly 1 billion user accounts concluded that 20% of users were reusing passwords. Additionally, 27% of users used password that were nearly […]

malwarebytes 3.0

Malwarebytes 3.0: new all-in-one protection

Malwarebytes 3.0 is a new product by Malwarebytes, makers of security software that unifies the company's main security products in a single program. Home users had the choice between three different products […]

top vulnerabilities 2016

Flash tops the Exploit Kits Chart in 2016 again

If you needed another reason not to use Flash anymore, a new security report by Recorded Future may convince you to consider this at the very least. The company analyzed 141 exploits […]

bitlocker bypass windows 10

BitLocker bypass on Windows 10 through upgrades

A security researcher discovered a new issue in Microsoft's Windows 10 operating system that allows attackers to gain access to BitLocker encrypted data. A post on the Win-Fu blog highlights the method. […]

windows mitigations updated

Microsoft: Windows 10 makes EMET unnecessary. Study: Nope

Microsoft plans to discontinue support for its Enhanced Mitigation Experience Toolkit in July 2018, and won't release a new version of EMET either. This makes EMET 5.51 the last release version of […]

malwarebytes telecrypt decryptor

Malwarebytes releases Telecrypt ransomware Decrypter

Malwarebytes Telecrypt Decryptor is a free program for devices running Microsoft Windows to decrypt files that are encrypted by the ransomware Telecrypt. Telecrypt is a rather troubling piece of ransomware that is […]

keepass source audit

KeePass audit: no critical security vulnerabilities found

We reported back in June 2016 that KeePass, a popular password manager, was getting a security audit by the European Commission's EU Free and Open Source Software Auditing project (EU-FOSSA). EU-FOSSA is […]

password managers no storage

Deterministic password manager Issues

If you read password managers that don't store passwords here on Ghacks, you know already what deterministic or stateless password managers are. Broken down to the basics, these password managers don't store […]

web of trust ratings

Your browsing history may have been sold already

Add-on companies are selling the browsing history of millions of users to third-parties according to a report that aired on German national TV. Reporters of Panorama managed to gain access to a […]

MBRFilter protects the Master Boot Record against manipulation

MBRFilter is a new open source software for Windows devices designed to protect the Master Boot Record against manipulation. The Master Boot Record holds information about how partitions and file systems are […]

malwarebytes adwcleaner

Malwarebytes acquires AdwCleaner

Malwarebytes, makers of the popular Malwarebytes Anti-Malware, Anti-Exploit, Anti-Ransomware and other security tools, announced on October 19, 2016 that it has acquired AdwCleaner, a program for Windows designed to clean adware from […]

veracrypt 1.19

VeraCrypt 1.19 fixes security vulnerabilities

VeraCrypt 1.19 is the newest version of the popular open source data encryption program that many users switched to after TrueCrypt was discontinued back in 2014. The application is based on TrueCrypt […]


SPREAD THE WORD

GHACKS NEWSLETTER SIGN UP

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up