Do you use any of the following Chrome browser extensions? Change HTTP Request Header Nyoogle - (a custom logo for Google) Stickies - (a Post-It note for Chrome) Lite Bookmarks If so, you're not alone. These four extensions have a combined user base of more than half a million. Recently, security researchers from ICEBRG (a US cyber-security company) have discovered malicious codes embedded in copies of these on the official Chrome Web Store. The code allows hackers to … Read more
Backdoor In Certain Lenovo Switches Discovered
Does your company utilize either RackSwitch or BladeCenter networking switches? Are those switches running ENOS (the Enterprise Network Operating System)? If so, there's a backdoor in your network you weren't aware of. Even worse, it's been there since 2004. Engineers at Lenovo recently discovered the backdoor in the firmware when they conducted an internal security audit. These products were added to the company's portfolio via acquisition from Nortel, and Lenovo only just became aware … Read more
Vulnerabilities Found In Some GPS Services
A duo of researchers stumbled across a series of vulnerabilities in literally hundreds of GPS services that leave sensitive GPS tracking data open to hackers. Dubbed "Trackmageddon" by the researchers, the vulnerabilities span a range of weaknesses that include default or easy-to-guess passwords, IDOR (Insecure Direct Object Reference) issues, insecure API endpoints, and data collection folders that are entirely unsecured. The reason so many different tracking services are impacted is that … Read more
Electronic Device Search Rules Better Defined By US Customs
There's a constant tug of war playing out on the national stage. On one side, privacy advocates are pushing for greater autonomy for end users, and hard limits to the types of searches that law enforcement agencies are allowed to conduct. On the other side are the government agencies themselves, which often cite national security concerns as the justification for more and easier access to the sensitive data contained on personal devices like laptops and smartphones. Generally speaking, … Read more
New Wifi Standard WPA3 May Be Coming
Remember the KRACK WiFi (WPA2) vulnerability, discovered by Mathy Vanhoef? It turns out that his discovery was a catalyst for action. Recently, the WiFi Alliance, which is the industry's standards organization, released details about its new WPA3 protocol. Here's a quick rundown of the changes you can expect to see in the months ahead: Enhancements in encryption capabilities - The new protocol will enable encrypted connections between connected devices and the router/access point, and … Read more
Weird Sounds Coming From Your Speakers? Could Be A Hacker
Have you been hearing strange, otherworldly sounds on your Bose or Sonos speakers? If so, rest assured that your speakers aren't haunted. They've likely been hijacked by hackers. Researchers at Trend Micro have confirmed that some models (the Sonos Play:1, the Sonos One and the Bose SoundTouch) of both brands of speakers are vulnerable to hacking if the speaker is connected to a misconfigured network. If the hackers find such a speaker, they can take control of the speaker and direct to … Read more
Sound Waves May Be Used In Future Hard Drive Attacks
Another week, another attack vector, and this one deserves extra points for creativity. New research has proved the viability of using something as simple and innocuous as sound waves to disrupt the normal functioning of HDDs, which can be used to sabotage a wide range of equipment from Pcs, to CCTV systems, ATMs and more. Researchers have toyed with, and been aware of the possibility of using sound waves to disrupt the normal functioning of an HDD for more than a decade, but the most … Read more
Tech Tips: Is Your Data Backup Protected Against Storm Season?
The Best Defense is a Good Offense It's that special time of year when the threat of fire, flood, severe storms, water damage and even theft are very real. This is why ensuring your company's critical data is backed up and protected in the case of power loss or system damage. To help you protect your valuable business assets, here are a few simple tips: Off Site Storage Backing up your data at an offsite location with dedicated and secure servers and cloud solutions is a must. While … Read more
Virus Spread Through Facebook Messenger Mines For Cryptocurrency
Facebook scams are fairly common occurrences, owing to the sheer size of the platform's user base. It's no surprise that there's a new one making the rounds that you should be aware of. This latest threat was discovered by researchers at Trend Micro, and makes use of Facebook Messenger. If you get a message containing an embedded video file saved as a zip (the file name usually appears as "video_xxxx.zip"), don't click on it, even if it's from someone you know. This file is a modified … Read more
Major Security Flaw Discovered In Intel Processors
There's some bad news if you own a computer driven by an Intel processor. Recently, a dangerous, catastrophic security flaw has been discovered in Intel's X86-64 architecture that allows hackers to access the kernel, which sits at the heart of your OS. By accessing the kernel, a hacker can gain access to virtually everything on the targeted machine. This is accomplished by way of a little-known feature called "speculative execution" which allows the processor to perform operations before … Read more
