Google

tripwire.com

Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea

Computer users are being reminded once again to take care over the browser extensions they install after security experts discovered a hacking campaign that has been targeting academic institutions since at least May 2018.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #106: Google Maps, Fed phishing, and Grinch bots

How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

And don’t miss our special bonus interview about passwords with Rachael Stockton of LastPass.


1 min read

Google chose not to go public about bug that exposed Google Plus users’ data

The really big news today is not that Google is shutting down Google Plus (who cares?), but rather that Google knew months ago that user data had been exposed and kept the fact quiet.


2 min read

If an extension goes rogue, everything you do in your browser is compromised

The official Chrome browser extension for Mega.nz was compromised with a malicious update, stealing passwords and private keys.

Keep your browser extensions to a minimum, and always be wary if they ask for elevated permissions.


2 min read

Fortnite fury over how Google handled its security hole

Epic Games isn’t happy about how Google handled the disclosure of the serious security vulnerability in Fortnite.


2 min read

bitdefender.com

Google warns businesses of government-backed phishing attacks

If a government-backed hacking gang cannot extract the information it wants from a single person’s Gmail account, they might instead target an organisation they work for or with whom they are affiliated.

Read more in my article on the Bitdefender BOX blog.


0 sec read

Pausing ‘Location history’ doesn’t stop Google tracking your location. Here’s how to stop it

You would think that telling Google that you didn’t want your location be tracked by disabling an option called “Location History” would stop the internet giant from errr.. storing data about your location.

Think again.


1 min read

Smashing Security #090: Fortnite for Android, and the FCC’s DDoS BS

Fortnite players are told they’ll have to disable a security setting on Android, the FCC finally admits that it wasn’t hit by a DDoS attack, and Verizon’s VPN smallprint raises privacy concerns.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Bisson.


1 min read

You’ll have to disable a recommended Android security setting to install Fortnite

Encouraging Android users to download apps from non-official sources is not a good idea from the security point of view, but Epic Games wants to maximise its profits.


2 min read

Android apps infected with umm… *Windows* malware

Security researchers at Palo Alto Networks recently discovered 145 apps in the official Google Play Android store that were “infected by malicious Microsoft Windows executable files.”

Yes, you read that correctly. Android apps carrying malicious Windows executables.


1 min read

Smashing Security #088: PayPal’s Venmo app even makes your drug purchases public

Not one of Google’s 85,000 employees has had their accounts compromised by phishing in a year.  How have they done it? Find out in this podcast.

Also, we discuss with special guest Scott Helme how websites still using HTTP are now marked as “not secure” by Google Chrome, and if you’re buying drugs via PayPal’s Venmo app you should say goodbye to privacy.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault.


1 min read

Google Chrome users met with ‘Not secure’ warnings when visiting HTTP sites

If you’re still running a website that is using insecure HTTP then it’s probably too late.

Some of your website’s visitors are going to be greeted with a message that tells them that they can’t trust your website to be secure.


1 min read

Smashing Security #087: How Russia hacked the US election

Regardless of whether Donald Trump believes Russia hacked the Democrats in the run-up to the US Presidential election or not, we explain how they did it. And Carole explores some of the creepier things being done in the name of surveillance.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


1 min read

Smashing Security #086: Elon Musk submarine scams and 2FA bypass

Crypto scamming Thai cave scoundrels! $25 million to make anti-fake news videos! TimeHop data breach! Phone number port out scams!

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by B J Mendelson.


1 min read

Facebook doesn’t want to eradicate fake news. If it did they’d kick out InfoWars

Facebook would like you to believe that it’s serious about ridding its platform of fake news. So how come InfoWars, one of the most notorious outlets of sick conspiracy theories, is allowed to maintain a page on the social network?


2 min read

tripwire.com

60,000 Android devices hit by battery-saving app attack

Computer security experts have discovered an unusual attack targeting users of Android devices.

Read more in my article on the Tripwire State of Security blog.


0 sec read