Blog

Security and the ‘Weaponization’ of Misinformation

New media, it would appear, now outpaces the old. More data is consumed and processed than at any time before in human history. But as we hasten into a world where the immediate is often favoured over the verified, the attention-grabbing over the considered, and the assumed over the researched in terms of how we both receive and disseminate...

The Evolution of Phishing

If you've got an email account or social media profile, it's likely you've come across phishing of some kind before. In a sentence, phishing is the fraudulent attempt to steal personal information by social engineering: the act of criminal deception. Verizon's latest Data Breach Investigations Report notes that "social engineering remains worryingly...

Ignorance is Bliss? An Enormous WordPress Zero-Day has Been Secretly Fixed

What has happened? A severe zero-day vulnerability has been fixed in WordPress, which - if left unpatched - could allow a malicious attacker to modify the content of any post or page on a WordPress site. Woah! Any post or page could be hijacked? Yes, it's as though you've handed the reins of your site over to a malicious hacker and said - "publish...

Charger Android Ransomware Spread via the Official Google Play App Store

We all know that ransomware is a growing problem for businesses and home users alike, and that most of it is targeted against Windows users. And we're also familiar with warnings to avoid downloading Android apps from third-party marketplaces rather than officially-sanctioned ones such as the Google Play marketplace. But infosecurity is not a world...

Adobe Acrobat auto-installed a vulnerable Chrome extension on Windows PCs

Adobe is no stranger to finding itself in the security headlines for all the wrong reasons, and it seems that things may not be changing as we enter 2017. There was controversy earlier this month when news broke about how Adobe took the opportunity on Patch Tuesday of using its regular security updates to force Adobe Acrobat DC users into silently...

"123456" STILL the Most Common Password among Users

Another year has gone by...but "123456" still remains the most common password employed by users to protect their web accounts. On 13 January, password manager and digital vault developer Keeper Security broke the somber news in a blog post: "Looking at the list of 2016’s most common passwords, we couldn’t stop shaking our heads. Nearly 17 percent...

Ransomware Offers Free Decryption if you Learn About Cybersecurity

In recent weeks there have been some peculiar new strains of ransomware spotted. Take the Popcorn Time ransomware, for instance, which lets you decrypt your files "the nasty way" by helping the blackmailers spread their attack further. If you can infect two other victims (and get them to pay up) Popcorn Time's developers will allegedly send you your...

Once again, you can decrypt your CryptXXX ransomware files for free

Ransomware is a significant problem, there's no doubt about that. Time and time again, companies and individuals fall foul of malware that encrypts their data files and demands a ransom be paid for the elusive decryption key. But sometimes, just sometimes, the ransomware authors make mistakes. Because sometimes, ways are found to undo the damage...

Infosec in Review: Security Professionals Look Back at 2016

2016 was an exciting year in information security. There were mega-breaches, tons of new malware strains, inventive phishing attacks, and laws dealing with digital security and privacy. Each of these instances brought the security community to where we are now: on the cusp of 2017. Even so, everything that happened in 2016 wasn't equally significant....

KFC Urges Users to Change Passwords After Attack against Website

Kentucky Fried Chicken (KFC) has told members of its Colonel's Club to change their passwords following an attack against its website. The fast food giant confirmed that the attack affected only Colonel's Club users. The loyalty program allows its 1.2 million registered members to collect Chicken Stamps and exchange them for rewards like meals. KFC...

Patch Your Sony Security Cameras Against Backdoor Attacks!

If you have a Sony network-connected CCTV camera, you may have a security problem. Researchers at SEC Consult uncovered a backdoor in Sony IP cameras that could allow a hacker to remotely execute malicious code, spy on users, brick devices, or recruit them into a DDoS botnet. As the vandal-resistant Sony IPELA Engine IP cameras at the centre of the...

Under attack: How hackers could remotely target your pacemaker

Once again, researchers have uncovered security flaws that could allow malicious hackers to attack implanted medical devices, such as heart pacemakers and cardiac defibrillators, with the potential to deliver fatal shocks. In a newly-published paper, "On the (in)security of the Latest Generation Implantable Cardiac Defibrillators and How to Secure...

Mark Zuckerberg has his Pinterest account hacked (again)

Facebook founder Mark Zuckerberg has had extraordinary success at building a social network that has attracted over a billion users. But that's not to say that he's had such luck in every other area of IT. Take securing his online accounts from attack, for instance. To misquote Oscar Wilde's "The Importance of being Earnest": "To lose control of...

AdultFriendFinder data breach - what you need to know

What has happened? The AdultFriendFinder website appears to have been hacked, exposing the personal information of hundreds of millions of user accounts. What is AdultFriendFinder? I don't want to be indelicate, so I'll just tell you its strapline: "Hookup, Find Sex or Meet Someone Hot Now". Oh! So like Ashley Madison? Yes, very much so. And we all...

The World of the Technical Support Scam

According to new research published by Microsoft last month, one in three users fell victim to a tech support scam in the last year. One in five followed up on a suspicious interaction by downloading software or visiting a fraudulent website, while nearly one in ten lost money. The classic scam: The traditional form of a tech support scam has been around...

How to fight macro malware in Office 2016 and 2013

Macro malware arrived with a bang 21 years ago, and it's still causing problems. Concept, the first ever virus to spread by infecting Microsoft Office files, turned the anti-virus world on its head overnight when it was shipped by Microsoft on a CD ROM in August 1995. Up until then the main thing computer users had to worry about was malware hiding...