Apple's Safari web browser was found to have multiple security flaws that allowed for user's online activity to be tracked, say Google researchers.
In a yet-to-be-published paper, the researchers reveal issues in a Safari feature which is actually supposed to increase user privacy. The Intelligent Tracking Prevention (ITP) feature found in the iOS, iPadOS and macOS version of the browser is meant to block tracking, but vulnerabilities mean that third parties could have accessed sensitive information about users' browsing habits.
It can hardly have escaped your attention that Windows 7 has now reached end of life. For companies and enterprise customers unwilling to pay for Extended Security Updates, this means there will be no more updates. The average home user who has decided to stick with Windows 7 has been completely abandoned by Microsoft, leaving them with an operating system that could be found to contain an endless number of security vulnerabilities.
But, actually, there is another option for home users, and it does not involve paying any money to Microsoft. We're talking micropatches. Specifically, we're talking about micropatches from 0patch. We've covered the work of this company in the past, including its recent fix for the Internet Explorer vulnerability.
At the end of last week, a serious vulnerability was discovered in Internet Explorer, affecting all versions of Windows. Not only is the bug (CVE-2020-0674) being actively exploited, but for Windows 7 users the vulnerability was exposed right after their operating system reached the end of its life.
Even for users of newer versions of Windows, and despite the severity of the security flaw, Microsoft said it would not be releasing a patch until February. Stepping in to plug the gap comes 0patch with a free micropatch for all versions of Windows affected by the vulnerability.
A new report reveals how Microsoft exposed nearly 250 million Customer Service and Support records online late last year.
The security research team at Comparitech discovered five servers, each of which contained the same 250 million logs of conversations with Microsoft support agents and customers. The records, which spanned 2005 to December 2019, were accessible to anyone with internet access; no password protection or encryption was used.
Proton Technologies has announced that it is open sourcing its VPN tool, ProtonVPN.
The Swiss firm says that not only is it releasing the source code for its VPN tool on all platforms, but also that it has conducted an independent security audit. Created by CERN scientists, ProtonVPN has amassed millions of users since it launched in 2017 and the decision to open source the tool gives users and security exports the opportunity to analyze the tool very closely.
Microsoft says it is working on a fix for a serious security vulnerability in Internet Explorer. The bug affects versions 9, 10 and 11 of the browser in Windows 7, 8.x, 10, Windows Server 2008 and 2012.
The memory handling bug can be exploited by an attacker to run malicious code on a target computer, but despite its severity, Microsoft is unlikely to release the fix before next month's Patch Tuesday. News of the vulnerability comes just days after Microsoft ended support for Windows 7.
Using analysis of the last three year's worth of data breach information from the UK's Information Commissioner's Office (ICO), cyber security awareness platform CybSafe has revealed that phishing breaches have jumped significantly.
In 2019, UK organizations reported more cyber security breaches to the ICO than ever before. A total of 2,376 reports were sent to the public body last year, up from 540 in 2017, and 1,854 reports in 2018.
A new online fraud scheme is designed to trick people into thinking they are owed compensation for data leaks only to scam them out of cash.
Researchers at Kaspersky uncovered the scam which tries to get users to purchase 'temporary US social security numbers' at a cost of around $9 each. Victims have been found in Russia, Algeria, Egypt and the UAE, as well as other countries.
A lot has been written about the consumerization of IT, but when it comes to personal security Josh Wyatt, VP of global services engagement at Optiv Security, believes consumers would be well served to take a page from the corporate cybersecurity playbook and adopt a 'zero trust' security strategy.
We recently spoke with Josh to find out how zero trust security can help consumers defend against cyberattacks, what types of threats we need to be aware of, and how this all relates to the business world.
Check Point Research has released its 2020 Cyber Security Report, looking at the key malware and cyber-attack trends during 2019.
Even though cryptomining declined during 2019, linked to cryptocurrencies' fall in value and the closure of the Coinhive operation in March, 38 percent of companies globally were impacted by crypto-miners in 2019, up from 37 percent the previous year. Crypto-miners remain a low-risk, high-reward activity for criminals.
It can hardly have escaped your attention that yesterday was the day Microsoft stopped supporting Windows 7.
To make sure anyone who was unaware is alerted to the fact that no more security updates will be available, full-screen warnings are now being displayed. Microsoft had previously advised Windows 7 users that this message would appear, and as of today the company is making good on its promise.
Two-factor authentication is a handy means of securing accounts, and now iPhone users are able to use their handsets as a security key for their Google accounts.
An update to the Google Smart Lock app brings the functionality to Apple fans, several months after the feature was made available to Android users. It's a security method that has been welcomed by many as it does not require the use of any additional hardware, just something you always tend to have with you -- your phone.
Over the past few years, we've seen a surge in popularity for both consumer fintech apps, as well as fintech services for businesses.
This shift in the financial services ecosystem has empowered users to take greater control of their financial lives, equipping them with tools to better understand how and where they spend their money, increase their credit scores, prepare taxes, aggregate disparate financial and investment accounts, among many other applications.
One of the most notable trends of the 2010s was an increase in data breaches. The Privacy Rights Clearinghouse maintains a chronological database of data breaches that stretches back to 2005. Hacks and cybersecurity threats were an issue for companies and organizations even in the 1980s and the 1990s, but a simple scroll through that database will show how much more frequent data breaches have become within the past ten years. Since 2009 or 2010, notable data breaches have occurred virtually every day.
Why are these threats on the rise? One factor is that people are living more of their lives online. Between social media, online shopping, and the growing segment of the workforce that conducts most or all of its business on the internet, there are more targets for hackers and cybercriminals than ever before. This infographic shows how dramatically the production of global data has grown even in the past five years. With so much data out there, it stands to reason that cybercrime is becoming a more significant enterprise. It’s easy to imagine the culprits behind data breaches as keyboard warriors sitting alone in dark rooms, wreaking havoc from afar. What many people don’t recognize: the threat could be coming from the cubicle next door.
US officials have warned British ministers that using Huawei technology in the UK's 5G network would be "nothing short of madness".
Prime Minister Boris Johnson reacted to the warning saying that he had no intention of putting the UK infrastructure or national security at risk. He also called on critics of Huawei to suggest alternatives.