Security vulnerabilities found in Intel and AMD processors
Security researchers have discovered vulnerabilities in Intel and AMD processors that may lead to information disclosure. Most Intel 10th, 11th and 12th generation processors are affected by a new vulnerability that the […]
Your next Phishing email may come straight from PayPal
Malicious actors have started to exploit a loophole in the defenses of many home users, organizations, email and security services, to send out phishing emails from legitimate services. Threat actors have found […]
Another phishing attack that bypasses multi-factor authentication targets Microsoft email users
Cybersecurity research analysts at Zscaler have uncovered a new large-scale phishing campaign targeting Microsoft email users. The main targets of the campaign are corporate users, specifically end users in Enterprise environments that […]
Nvidia releases security update for unsupported Windows 7 and 8.1 systems
Nvidia ended support for Microsoft's Windows 7 and 8.1 operating systems in 2021 officially. The company announced that it would release critical security updates for unsupported systems until September 2024. Nvidia released […]
LibreOffice security update fixes macro execution bypass and potential password leaking
The developers of LibreOffice have released updates for the open source Office suite to patch three security issues. LibreOffice is a popular cross-platform Microsoft Office alternative that is available for Windows, macOS […]
RememBear password manager is shutting down in July 2023
RememBear is shutting down in July 2023. The password manager service was launched by TunnelBear Inc., in 2017. The VPN provider was acquired by McAfee in 2018. What happened to RememBear? An […]
OpenDocument text files (.odt) malware campaign discovered
Security researchers at HP Wolf Security managed to isolate a malware campaign that used OpenDocument text files for distribution. This particular campaign was part of a larger one that was targeting the […]
Office Phishing Attack circumvents multi-factor authentication
Microsoft security researchers and engineers discovered a massive phishing attack that has been targeting more than 10,000 organizations since September 2021. The malicious actors used adversary-in-the-middle (AiTM) phishing sites to steal passwords […]
Patches for new Retbleed AMD and Intel microprocessor vulnerability may have significant overhead
Certain microprocessors from Intel and AMD are vulnerable to a new speculative execution attack related to Spectre Variant 2. Attacks may be used to leak data from kernel memory and mitigations may […]
Bitwarden to add support for passwordless login to vault, autofill for other desktop apps
The Bitwarden roadmap for 2022 has been updated, the company plans to implement some interesting features in its password manager. Bitwarden to add support for passwordless login One of the upcoming features […]
New Windows Phishing Method gives attackers access to cookies and more
The rise of two-factor authentication added a new layer of security to the authentication process on the Internet. Attacks designed to steal user credentials are still common, but many fall short because […]
Report: Adobe Reader is blocking antivirus tools from scanning loaded PDF documents
Adobe is blocking several antivirus tools actively from scanning PDF documents loaded by its Adobe Acrobat Reader application, according to a security report published by Minerva Labs. The company found evidence that […]
Rapid7 research reveals which data ransomware groups seek and use for leverage
When it comes to ransomware attacks, some data is more precious to ransomware groups as others. A new research study by Rapid7, Pain Points: Ransomware Data Disclosure Trends, provides insight on the […]
Microsoft Defender for Android, Apple iOS and macOS, and Windows now available
Microsoft Defender, the default security application on Windows, is now available as a standalone solution for the mobile operating systems Android and iOS, for Apple's macOS operating system, and for Windows. Microsoft […]
Intel Firmware updates for Memory Mapped I/O security vulnerabilities
Intel released new firmware updates to address Memory Mapped I/O security vulnerabilities. Intel and Microsoft published advisories this week to inform system administrators about the issues. Microsoft customers may visit the Adv220002 […]
PrivacyTests reveals how your web browser does privacy-wise
All web browsers support some privacy features, some more than others, but none protect users 100% against all privacy threats; that is the quintessence of the tests that PrivacyTests runs regularly. PrivacyTests […]
Your browser stores passwords and sensitive data in clear text in memory
Your web browser may store sensitive data, including usernames, passwords and session cookies in clear text in memory according to CyberArk security researcher Zeev Ben Porat. Most Chromium-based web browsers appear to […]
Phishing: use of reverse tunnel services to avoid detection and shutdown increases
Security researchers at CloudSEK have noticed an increase in the use of reverse tunnel service and URL shorteners in phishing campaigns. Cyber criminals use services such as bit.ly, Ngrok or LocalhostRun to […]
LastPass introduces passwordless Vault access
LastPass, maker of the password management service, introduced support for accessing a customer's Vault using passwordless technology in June 2022. Passwordless account systems use other means of authentication to provide users with […]
Here is how to protect Windows PCs from Protocol vulnerabilities
Two days ago, security researchers disclosed a vulnerability in the Microsoft Support Diagnostic Tool that affects all client and server versions of the Windows operating system. The tool, designed as a tool […]
Bitwarden's username generator now supports SimpleLogin, AnonAddy, and Firefox Relay email alias services
Bitwarden has updated its browser extensions and Web Vault to improve its username generator. The cloud-based password manager introduced the feature in April 2022. What's new in Bitwarden 2022.05.0 Update Bitwarden now […]
Pre-hijacking Attacks of user accounts are on the rise
Most computer users are aware that criminals may gain access to their online accounts, for instance, by stealing or guessing the password, through phishing or other forms of attack. Many may not […]
Pwn2Own 2022: Windows 11, Ubuntu, Firefox, Safari, Tesla and more hacked
The hacking event Pwn2Own took place from May 18 to May 20 of 2022. This year, security researchers managed to hack Windows 11 and Ubuntu, Firefox, Safari, Microsoft Teams, a Tesla and […]
Trackers may collect data that you type even before hitting submit
Many websites come with web forms, for example, to sign-in to an account, create a new account, leave a public comment or contact the website owner. What most Internet users may not […]
Nvidia releases security update for out-of-support GPUs
Nvidia published a security bulletin on May 16, 2022 in which it informs customers about a new software security update for the Nvidia GPU display driver. The update patches security issues in […]
New malware attack stores payloads in the Windows event log
Security researchers have uncovered new malware that is using the Windows event log to store to store malicious codes. The researchers note that this is the first time the technique has been […]
Google, Microsoft and Apple commit to passwordless sign-in standard
Google, Microsoft and Apple have announced support for expanding passwordless sign-in support across major operating systems and devices. The three companies announced plans on May 5, 2022 to support a passwordless sign-in […]
AV-Comparatives: Microsoft Defender has a large impact on system performance
Security research and testing company AV-Comparatives released the results of its April 2022 Performance test. The test analyzed the system performance impact of antivirus solutions on Windows devices. The company ran a […]
Ransomware Study 2022: attacks are up, ransom payments are increasing
Ransomware attacks are increasing and getting more complex, according to the State of Ransomware 2022 report, which cybersecurity firm Sophos published. Companies are getting better at restoring data after attacks, but ransom […]
Ransomware payments are marginal when compared to the overall costs
Ransomware payments by organizations made up about a seventh of the overall costs of ransomware attacks in 2020 according to a new study by Check Point Research and Kovrr. While ransom payments […]
Bitwarden Password Manager can now generate unique usernames
While many people use password managers for the convenience of remembering a single login, the master password, the primary advantage that such programs offer, is that they provide an easy way to […]
Phishing Attacks grew by 29% in 2021 overall. Smishing is on the rise
Phishing attacks have grown by 29% in 2021 when compared to 2020 according to an analysis by Zscaler's ThreatLabz research team. The researchers analyzed data from over 200 billion daily transactions and […]
Microsoft Defender's protective capabilities suffer offline
Microsoft Defender, the default security solutions on modern versions of the Windows operating system, has been doing well in recent antivirus tests of independent organizations such as AV-Comparatives. In 2019, it was […]
Millions of Lenovo devices affected by BIOS vulnerability
Millions of Lenovo notebooks are affected by a serious BIOS vulnerability. Lenovo informed its customers about the vulnerability on its support website this week. The company released firmware updates for some of […]
Workaround for security issue in 7-Zip until it is fixed
Recent versions of the open source archiver 7-Zip have a vulnerability that has not been fixed yet. Successful exploitation of the vulnerability allows privilege escalation and the execution of commands; it appears […]
Muting videoconferencing apps may not prevent them from listening
Videoconferencing solutions have seen a huge boost since 2020. Workers and students started to work or learn from home, and communicated with others using videoconferencing services. Videoconferencing relies on camera and microphone […]
How to detect the Windows Tarrask Malware that uses a bug to avoid detection
Microsoft published information about a new malware on its security website on April 12, 2022. The malware, named Tarrask, exploits a bug in Windows' task scheduling system to evade detection. Tarrask is […]
Symantec says that hackers distributed a modified version of VLC and exploited it for malware attacks
Last week, news began circling around that VLC was being abused by hackers to inject some malware. The issue came to light after Symantec published a report on its Security Threat Intelligence […]
Hundreds of HP printers affected by critical security issues
HP published two security bulletins that inform customers about critical security issues affecting hundreds of the company's printer models. Firmware updates that patch the security issues are available for some printer models […]
KeePassXC 2.7.0 update with improved Auto-Type, Tags for entries launches out of beta
KeePassXC 2.7.0 has been released to the stable channel. The update brings several new features that were tested in the beta version. My previous article covers most of the changes in this […]
