Zack Whittaker – WindowsTechs.com

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Posted on September 17, 2020 by BrianKrebs

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Continue reading Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack→

‘War Dialing’ Tool Exposes Zoom’s Password Problems

Posted on April 2, 2020 by BrianKrebs

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number major corporations are setting up meetings without passwords enabled. Continue reading ‘War Dialing’ Tool Exposes Zoom’s Password Problems→

Apple Explains Mysterious iPhone 11 Location Requests

Posted on December 5, 2019 by BrianKrebs

KrebsOnSecurity ran a story this week that puzzled over Apple’s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system… Continue reading Apple Explains Mysterious iPhone 11 Location Requests→

Avast, NordVPN Breaches Tied to Phantom User Accounts

Posted on October 22, 2019 by BrianKrebs

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password. Continue reading Avast, NordVPN Breaches Tied to Phantom User Accounts→