Tag Archive for: Urged

Google chrome users urged to delete app after hack

/in


Google has urged its users to delete one of its most used apps after the tech giant was hacked again this week.

Google is warning users to delete Chrome for the second time this week as the search engine giant confirms “multiple high-level hacks of browser”.

Once again, the tech giant advised its 2.6 billion users to delete Chrome after publishing a new blog post revealing four “high” rated vulnerabilities.

Google’s threat analysis group (TAG) said hackers “created malformed code signatures” that would be considered as ”valid by Windows” but could not be detected by OpenSSL code used in security scanners.

TAG discovered that the OpenSUpdater line of software uses this new technique.

Described as riskware, OpenSUpdater shows ads on victims‘ browsers and then installs unwanted programs into their PCs.

Most of the targeted victims of OpenSUpdater attacks are US-based users prone to downloading cracked games.

The latest warning comes after Google advised its users about a security flaw in the browser that hackers could exploit on Monday.

While Google has maintained that it is working hard to protect users’ security, cyber experts say it’s time to leave Chrome behind.

This year, the company disclosed the latest in a string of security flaws in a September 24 blog post.

The post confirmed that Chrome’s 11th “zero-day” exploit of the year was found and impacted Linux, macOS, and Windows users.

This classification means hackers could use the flaw to their advantage before the tech giant could fix it – upping the threat significantly, Forbes reported.

Google reportedly kept the hack details under wraps to protect users after in-house employees discovered the flaw.

According to Forbes, it was revealed just weeks after Google admitted it “accidentally” allowed the secret tracking of millions of users.

At the heart of Google‘s latest tracking trouble is the rollout of a new Chrome API that detects and reports when a user is “idle” or not actively using their device.

Google has defended the feature from criticism by security experts who say it can be easily abused by malicious sites seeking sensitive information.

“This feature, which we only expect to be used by a…

Source…

Freight brokers urged to increase security in light of pipeline cyberattack

/in


The cyberattack that temporarily shut down the Colonial Pipeline this month serves as a stark reminder that all industries are prone to security threats. A single attack brought the nation to a crawl. Just think of the damage one could cause your operation.

In today’s data-rich transportation and logistics industry, information flows freely from network to network. This is especially true for freight brokerages, which transact large amounts of information both electronically and in the cloud. 

In light of the recent cyberattack, Jamie Cannon, Reliance Partners’ vice president of third-party logistics (3PL), urges freight brokers to examine their cyber risk and insure themselves against damages resulting from such attacks.

Regardless of size, even companies that aren’t household names find themselves victims of digital sabotage, leaving some with heavy financial losses. Though they seem random in nature, these attacks are very much calculated. 

Freight brokers, according to Cannon, hold treasure troves of knowledge on their customers, including sensitive pricing and payment information from shippers and motor carriers. She attests that this puts brokers at an even greater risk than trucking companies.

It’s still unclear how exactly Colonial Pipeline’s network was infiltrated, but cyberattacks are typically perpetuated by similar methods.  

While firewalls are exceptionally good at preventing unauthorized access to one’s network, many hackers gain entry when the door is opened to them. All it takes is the miscue of one employee to inadvertently welcome a host of bad individuals, ultimately compromising the entire network. 

Cannon said, added that the work-from-home business model has put many companies at risk since networks are being accessed from nonsecure locations. 

Phishing is a common method used by hackers to gain access to company data. This often involves baiting unsuspecting employees with emails that can look quite legitimate. “A lot of people are opening [suspicious] emails. There’s certain emails that they shouldn’t respond to, like urgent gift card or wire transfer requests from someone posing as their CEO or…

Source…

UK companies urged to update security after Microsoft hack

/in


The Daily Beast

How Joe Biden—in Less Than Two Months—Turned Ronald Reagan’s Decades-Old Conventional Wisdom on Its Head

Bloomberg/Getty“The nine most terrifying words in the English language are: ‘I’m from the government, and I’m here to help.’” With that famous line, uttered by Ronald Reagan on Aug. 12, 1986, during his second term as president, the GOP mantra for decades to come was born.In fact, this philosophy later even found a home in the Democratic Party. President Bill Clinton in his 1996 State of the Union address declared that, “The era of big government is over,” explaining that, “We have worked to give the American people a smaller, less bureaucratic government in Washington.” And during an October 2000 presidential debate between Al Gore and George W. Bush, pundits at the time noted that the two seemed to be competing for the title of “the candidate of smaller government.” Gore even bragged that his “reinventing government” campaign as vice president under Clinton had reduced the government to its smallest level in terms of jobs since 1960.Biden’s Revolution Is Doing What Obama and Clinton Did Not Those days are, thankfully, gone—at least for now. Even a good chunk of Republicans recognize that during this pandemic, the federal government offering to help is not “terrifying.” Rather, it can be a life-saver both in terms of health and finances.In fact, moments after President Biden finished his national address Thursday marking one year since the virus was declared a pandemic, Trump-lovers Sean Hannity, Mike Huckabee, and others were whining that Biden did not thank Trump for launching “Operation Warp Speed” –the $18 billion federal government program designed to “accelerate the testing, supply, development, and distribution of safe and effective vaccine.” Even these staunch conservatives were implicitly admitting that this federal government program was effective at helping Americans.Another body blow to Reagan’s philosophy that the government is inherently bad can be seen in the remarkable level of support for the massive COVID relief packages. Last March, when the $2.2 trillion CARES Act—the first relief bill—was…

Source…

Hacking threat: Kiwis urged to upgrade Apple devices

/in


News Highlights: Hacking threat: Kiwis urged to upgrade Apple devices.

Apple’s iOS 14.4 update is now live – and in addition to fixing a vulnerability, it will help scan Covid-19 posters.

Late yesterday, Crown agency CERT NZ (the Computer Emergency Response Team) issued an advisory report on a security issue with iOS that Apple says is being actively exploited by hackers.

The problem affects iOS (the software that iPhones run on), iPadOs, and tvOS (the software that Apple TVs run on).

Update your Apple iOS, iPadOS and tvOS devices to version 14.4 immediately where the update is available. For most users, a popup should warn you that an update is available – select ‘Update now’, ”CERT NZ advises.

If you don’t receive a popup message, follow these steps: Go to Settings> System> Software Update. Select “Update Software” there.

At the time, iOS 14 was not available. It should now show up as an option to most users (Apple usually makes iOS updates available continuously). The update took the Herald about 10 minutes to update and install.

Details about the vulnerability are sparse at this stage, but an Apple reporting page about the problem says, “A malicious program can increase permissions,” if it exploits the vulnerability, indicating that a hacker may be in control of a device.

“Apple is aware of a report that this problem may have been actively exploited,” said the iPhone maker says on its security notification page.

The company says it will not provide details on security issues until after they have been patched.

iOS 14.4 also adds support for cutting smaller QR codes – a useful addition as we are all encouraged to step up our Covid poster scanning.

CERT NZ recommends that users enable an automatic software update feature on each device.

The announcement took some of the shine away from the Data Privacy Day, which saw Facebook boss Mark Zuckerberg annoyed by an action by Apple to let advertisers know when they want to track your activity.

Zuckerberg called the move anticompetive. Apple said it was responding to users’ demands for greater privacy and transparency, and released a “Day in the Life of Your Data” presentation to defend its case.

Via:…

Source…