Author Archives: John E Dunn

CSS tracking trick can monitor your mouse without JavaScript

Posted on May 9, 2019 by John E Dunn

A security researcher has demonstrated a new way to track mouse movements even if users block JavaScript. Continue reading CSS tracking trick can monitor your mouse without JavaScript→

Latest Android security updates, and Google to fix patch delays for Pixel

Posted on May 8, 2019 by John E Dunn

Google’s May security update for Android is out – but will you be lucky enough to get it this week? If you own one of a Pixel device, then yes. Continue reading Latest Android security updates, and Google to fix patch delays for Pixel→

MegaCortex ransomware distracts victims with Matrix film references

Posted on May 7, 2019 by John E Dunn

One moment, the defenders’ network looked secure but the next, as if out of nowhere, the ransom note pops up. Continue reading MegaCortex ransomware distracts victims with Matrix film references→

Criminals are hiding in Telegram – but backdoors are not the answer

Posted on May 3, 2019 by John E Dunn

When it comes to an easy life, the criminals behind the fearful Anubis banking malware have become big fans of Twitter and, increasingly, the secure messaging of Telegram. Continue reading Criminals are hiding in Telegram – but backdoors are not the answer→

Is a sticky label the answer to the IoT’s security problems?

Posted on May 2, 2019 by John E Dunn

How can IoT security be improved? The UK Government just published new details of its surprising and unfashionable answer. Continue reading Is a sticky label the answer to the IoT’s security problems?→

Millions of consumer smart devices exposed by serious security flaw

Posted on May 1, 2019 by John E Dunn

This IoT software flaw could render millions of consumer devices, including baby monitors and webcams, open to remote discovery and hijack. Continue reading Millions of consumer smart devices exposed by serious security flaw→

Docker breach of 190,000 users exposes lack of two-factor authentication

Posted on April 30, 2019 by John E Dunn

The containerisation platform has asked 190k users to change their passwords after hackers gained access to a database of personal data. Continue reading Docker breach of 190,000 users exposes lack of two-factor authentication→

NIST tool boosts chances of finding dangerous software flaws

Posted on April 29, 2019 by John E Dunn

NIST thinks it has reached an important milestone in complex software testing with something called Combinatorial Coverage Measurement (CCM). Continue reading NIST tool boosts chances of finding dangerous software flaws→

Microsoft drops password expiration from Windows 10 security

Posted on April 26, 2019 by John E Dunn

Microsoft has recognised that users don’t actually change their passwords when prompted, they just tweak them. And that doesn’t help anyone. Continue reading Microsoft drops password expiration from Windows 10 security→

Blochainbandit stole $54 million of Ethereum by guessing weak keys

Posted on April 25, 2019 by John E Dunn

Someone has been quietly pilfering Ethereum (ETH) cryptocurrency worth millions of dollars without anyone noticing or, apparently, caring. Continue reading Blochainbandit stole $54 million of Ethereum by guessing weak keys→