Wireless peripherals and computer accessories offer mess-free convenience in the workspace, allowing users to move keyboards and mice to a more comfortable or visually pleasing position or to switch between computers at the press of a button. However, unlike other types of USB devices that IT departments vet – such as USB flash drives, card readers, fingerprint sensors, and authentication devices – wireless keyboards and mice might not receive a high level of scrutiny. Wireless devices typically are not chosen and used with security in mind, and a surprising...
Hot Cybersecurity News. Hot Cyber Articles. Vulnerability disclosures, Malware and Threat analysis. Exploit & Vulnerability News. Independent researchers and analysis.
Google announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a “simplified and unified management experience that’s the same in Chrome and Android settings,” Ali Sarraf, Google Chrome product manager, said in a blog post. The updates are also expected to automatically group multiple passwords for the same sites as well as introduce an option to manually add passwords. Although Google does not yet appear ready to make Password Manager a standalone app,...
Businesses say that they take the security of customer data seriously but, when presented with a vulnerability, are often more concerned about their own reputation than the security of their customers. Handle disclosure correctly and you can do both: protect your customers and protect your reputation. Do it wrong and you damage both. By far the most painful part of vulnerability research is responsible disclosure. If we find something bad in a smart thing, it would be fairly irresponsible to publish a method to do bad things without giving...
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed “YTStealer” by Intezer, the malicious tool is believed to be sold as a service on the dark web and is distributed using fake installers that also drop RedLine Stealer and Vidar. “What sets YTStealer aside from other stealers sold on the dark web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of,” security researcher Joakim...
LockBit ransomware affiliates are using an interesting trick to get people to infect their devices: disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator’s license. These emails demand that the recipient remove the infringing content from their websites, or they will face legal action, reports BleepingComputer. The emails, spotted by analysts at AhnLab, Korea, do not specify in the body which files were unfairly used and instead tell the recipient to download...
Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a 35-year-old Russian man living abroad who also runs the world’s top spam forum, reports KrebsOnSecurity. According to a statement by the U.S. Department of Justice, RSOCKS offered...
A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android’s built-in malware defense service — to protect all users, Benoit Sevens and Clement Lecigne of Google Threat Analysis Group (TAG) said in a Thursday report. Hermit, the work of an Italian vendor named RCS Lab, was documented last week by Lookout, which called out its modular feature set and its abilities to harvest...
We’re almost halfway through this year and, as at around the same time last year, we thought it would be interesting to go a bit deeper into the analytics part of running the infosec-jobs.com job board – in the most privacy-focused way for our users, of course. So here we have our new list with the 10 most in-demand job titles in InfoSec/Cyber in June ’22:
1. Security Engineer
2. Application Security Engineer
3. Cloud Security Engineer
4. Cybersecurity Researcher
5. DevSecOps Engineer
6. Security Analyst
7. Information Security Analyst
8. Product Security Engineer
9. Information Security Engineer
10. Cloud Security...
Facebook users have been warned over a reported cyber-attack which has put five million accounts at risk. Nick Ascoli of PIXM, an anti-phishing browser extension, has issued the warning after millions of accounts were reportedly “stolen and breached”. The attack warning relates to a scam which sees mock Facebook pages sent out via Messenger in an effort to dupe unsuspecting victims into sharing their personal details.
Five Million Facebook accounts at risk
Nick Ascoli warned: “Once the adversary has compromised the account of a Facebook user, they log in...
Delivery company Yodel has found itself the latest victim of a cyber “incident” that has disrupted services. Rooted firmly to the bottom of the table of best and worst courier firms by consumer campaigner Which?, Yodel has gained popularity and, perhaps, a bit of notoriety in recent years as consumers turned to courier companies rather than venture into physical stores. Exactly when security problems began is difficult to ascertain, since Yodel’s social media voicebox is crammed full of disgruntled customers wondering where their products are (indeed, this writer had the joy...