macOS High Sierra Logs External Volume Passwords in Plaintext
In macOS High Sierra, the passwords used for Apple File System (APFS)-encrypted external drives are logged and kept in on-disk log files, a security researcher has discovered. The APFS file system was introduced by Apple with the release of macOS High Sierra and is automatically applied to the startup volume when the platform High Sierra […] more…Why Kids Use Secret Decoy Apps and Why Parents Should Care
Kids have been locking their diaries and hiding top secret shoe boxes since Sandy Olssen had a crush on Danny Zuko. The need for more and more privacy is a natural part of growing up. Today, however, some kids hide their private lives behind locked decoy apps catapulting those harmless secret crushes to a whole […] more…IT threat evolution Q1 2017
Overview Targeted attacks and malware campaigns More wipers The aim of most targeted attack campaigns is to steal sensitive data. However, this isn’t always the goal. Sometimes attackers erase data instead of – or as well as – trying to gain access to confidential information. We’ve seen several wiper attacks in recent years. They include […] more…Operation Blockbuster revealed
Kaspersky Lab has joined industry alliance driven by Novetta to announce Operation Blockbuster. Just like the previous Operation SMN, this alliance brings together key players in the IT security industry, working together in an effort to disrupt and neutralize multiple cyberespionage campaigns that have been active for several years. Some of the targets of these […] more…A Nightmare on Malware Street
Another ransomware has been spotted in the wild lately, branded as ‘CoinVault’. This one involves some interesting details worth mentioning, including the peculiar characteristic of offering the free decryption of one of the hostage files as a sign of good faith. Technically, the malware writers have taken a lot of measures to slow down the […] more…Timeline: Hacks Related to Apple
The hacks related to Apple involve a lot of complexities. Let’s review the time line: February 1st: Twitter’s Director of Information Security, Bob Lord, posted “Keeping our users secure” on Twitter’s blog. On a Friday. The weekend of the NFL’s Super Bowl. Lord explained that Twitter had been hacked, and that 250,000 accounts have had […] more…WordPress Security: 5 Steps To Reduce Your Risk
Often you hear the question, “What plugins should I use for WordPress Security?”. It’s a valid question, but I don’t think it’s the best approach if it’s the only question you’re asking, or the only action you’re taking. If you’re leaving the security of your blog to a plugin from a 3rd party alone, you’re […] more…More information
- What humans do better than machines
- VLC 3.0.7 is Biggest Security Release Due to EU Bounty Program
- Jihadist US teen gets 11 years for blog, tweets about crypto and Bitcoin
- Malicious npm package taken down after Microsoft warning
- Top global security exports defend encryption
- Merry Xmas, fellow code nerds: Avast open-sources decompiler
- Adversaries Take Advantage of the Seams. Let’s Close Them.
- Degree Audit Outage – Oct. 3, 2012 – 12AM-10AM
- Will the U.S. government draft cybersecurity professionals?
- Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware Campaigns