macOS High Sierra Logs External Volume Passwords in Plaintext
In macOS High Sierra, the passwords used for Apple File System (APFS)-encrypted external drives are logged and kept in on-disk log files, a security researcher has discovered. The APFS file system was introduced by Apple with the release of macOS High Sierra and is automatically applied to the startup volume when the platform High Sierra […] more…Take It Personally: Ten Tips for Protecting Your Personally Identifiable Information (PII)
Take It Personally: Ten Tips for Protecting Your Personally Identifiable Information (PII) Seems like we always have a connected device somewhere within arm’s reach, whether it’s a smartphone, laptop, tablet, a wearable, or some combination of them all. In a way, we bring the internet along with us nearly wherever we go. Yet there’s something […] more…Sunburst backdoor – code overlaps with Kazuar
Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named “Dark Halo”. FireEye did not link this activity to any known actor; […] more…Why Kids Use Secret Decoy Apps and Why Parents Should Care
Kids have been locking their diaries and hiding top secret shoe boxes since Sandy Olssen had a crush on Danny Zuko. The need for more and more privacy is a natural part of growing up. Today, however, some kids hide their private lives behind locked decoy apps catapulting those harmless secret crushes to a whole […] more…IT threat evolution Q1 2017
Overview Targeted attacks and malware campaigns More wipers The aim of most targeted attack campaigns is to steal sensitive data. However, this isn’t always the goal. Sometimes attackers erase data instead of – or as well as – trying to gain access to confidential information. We’ve seen several wiper attacks in recent years. They include […] more…Operation Blockbuster revealed
Kaspersky Lab has joined industry alliance driven by Novetta to announce Operation Blockbuster. Just like the previous Operation SMN, this alliance brings together key players in the IT security industry, working together in an effort to disrupt and neutralize multiple cyberespionage campaigns that have been active for several years. Some of the targets of these […] more…A Nightmare on Malware Street
Another ransomware has been spotted in the wild lately, branded as ‘CoinVault’. This one involves some interesting details worth mentioning, including the peculiar characteristic of offering the free decryption of one of the hostage files as a sign of good faith. Technically, the malware writers have taken a lot of measures to slow down the […] more…Timeline: Hacks Related to Apple
The hacks related to Apple involve a lot of complexities. Let’s review the time line: February 1st: Twitter’s Director of Information Security, Bob Lord, posted “Keeping our users secure” on Twitter’s blog. On a Friday. The weekend of the NFL’s Super Bowl. Lord explained that Twitter had been hacked, and that 250,000 accounts have had […] more…WordPress Security: 5 Steps To Reduce Your Risk
Often you hear the question, “What plugins should I use for WordPress Security?”. It’s a valid question, but I don’t think it’s the best approach if it’s the only question you’re asking, or the only action you’re taking. If you’re leaving the security of your blog to a plugin from a 3rd party alone, you’re […] more…More information
- Chrome Browser Gets Major Security Update
- Modular Backdoor Can Spread Over Local Network
- Surface called one of the "most overpriced gadgets of all time," we rebuff
- Organizations Warned of New Lilith, RedAlert, 0mega Ransomware
- Foxit Studio Photo CVE-2019-17138 Out-Of-Bounds Read Information Disclosure Vulnerability
- How to choose the right UCaaS platform for your company
- CurrentC gets user email addresses pickpocketed
- Microsoft Internet Explorer ‘CAttrValue’ Style Attribute Remote Memory Corruption Vulnerability
- Twitter CEO Hack Highlights Dangers of ‘SIM Swap’ Fraud
- How PC Threats Go Mobile