Collaborate Disseminate
Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and didn’t mention it. If that doesn’t sound so bad, you should know… Continue reading Apps secretly turning devices into proxy network nodes removed from Google Play
Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of… Continue reading BSAM: Open-source methodology for Bluetooth security assessment
The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising purposes to settle charges that the company and its subsidiaries sold such i… Continue reading Avast ordered to pay $16.5 million for misuse of user data
Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates (ESU), but will have to pay for them. Det… Continue reading Microsoft will offer extended security updates for Windows 10
QR code phishing – aka “quishing” – is on the rise, according to HP, Darktrace, Malwarebytes, AusCERT, and many others. What are QR codes? QR codes are two-dimensional matrix barcodes used for tracking products, identifying item… Continue reading Quishing: Tricks to look out for
Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme Segura, Director of Threat Intelligence at Malwarebytes. Malvertising via search en… Continue reading Google ads for KeePass, Notepad++ lead to malware
ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoi… Continue reading Researchers warn of increased malware delivery via fake browser updates
Permission Slip, an iPhone and Android app developed by Consumer Reports, helps users ask companies and data brokers to stop sharing their personal data and/or delete it. The Permission Slip app (Source: Consumer Reports) US consumer data privacy laws … Continue reading Sic Permission Slip on data brokers that use your data
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The vulner… Continue reading Easy-to-exploit Skype vulnerability reveals users’ IP address
Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the 2023 Consumer Impact Report from the Identity Theft Resource Center (ITRC) an… Continue reading Surge in identity crime victims reporting suicidal thoughts