Posts

New study finds 5 of every 6 routers are inadequately updated for security flaws

Consumer group blames open source libraries and the lack of auto-update mechanisms.

A new study by a US consumer nonprofit has found that five out of six home routers are inadequately updated for security flaws, leaving the devices, and indirectly their users, vulnerable to hacking.

Carried out by the American Consumer Institute (ACI), the study analyzed a sample of 186 … Read more...

This is how cyber attackers stole £2.26m from Tesco Bank customers

Poor debit card security and a “series of errors” in reporting exacerbated an incident that could have been easily avoided.

The inner workings of a cyber attack against Tesco Bank which saw £2.26m stolen from 9,000 customers — and resulted in the bank being fined over £16.4m for the failings that allowed it to happen — have been revealed.

The … Read more...

Hacker gets a whopping 14 years in prison for running Scan4You service

Ruslan Bondars run a “VirusTotal-for-crooks” operation from 2009 to 2017.

Ruslan Bondars, a 37-year-old man from Latvia was sentenced to a whopping 14 years in prison for facilitating cybercrime by creating and running a service named Scan4You that allowed malware authors to check the detection rates of their malicious code.

In the infosec industry, Scan4You is what security researchers and … Read more...

FBI to all router users: Reboot now to neuter Russia’s VPNFilter malware

The FBI is recommending that all small business and home router owners reboot devices, even if they’re not among the brands known to be affected.

The FBI is urging small businesses and households to immediately reboot routers following Cisco’s report that 500,000 infected devices could be destroyed with a single command.

The malware, dubbed VPNFilter, was developed by the … Read more...

Windows critical flaw: This security bug is under attack right now, says Microsoft

,

Microsoft patches two flaws that are already under attack, among the 67 bugs in May’s Patch Tuesday update.

Video: Microsoft’s reverse engineering unveils secrets of FinFisher government spyware

Microsoft’s Patch Tuesday update addresses a critical flaw in the Windows VBScript engine that attackers are using to compromise Windows machines through Internet Explorer.

The patch follows an alarm by researchers at … Read more...

Firefox 60 lands: It’s world’s first browser to give you password-free logins, says Mozilla

Firefox becomes first browser to support the Web Authentication API, taking the world closer to no-password logins.

Video: How Mozilla plans to win back Firefox users.

Mozilla has released Firefox 60 with support for a new option to sign in to websites without using a password.

That’s thanks to an emerging W3C standard called Web Authentication or WebAuthn, which … Read more...

Twitter says bug exposed user plaintext passwords

Change your passwords — immediately.

Twitter has admitted that user passwords were briefly stored in plaintext and may have been exposed to the company’s internal tools.

In a blog post, the microblogging site urged users to change their passwords.

“When you set a password for your Twitter account, we use technology that masks it so no one at the company … Read more...

Facebook launches Clear History feature that should have been there all along

Clear History will take a few months to build and input from various parties, but Facebook will allow users to clear their data trail–just like you can with your browsers.

Facebook is launching a feature dubbed Clear History and perhaps the most shocking item is that it wasn’t there before.

Ahead of his talk at the F8 developer conference, CEO Read more...