Tag Archive for: Web’

Sites Have a Sneaky New Way to Track You Across the Web

/in


This week saw the first known appearance of malware written specifically for Apple’s M1 processors, in inevitable but still somewhat concerning development, especially given how little time it took the bad guys to adjust to the new ARM-based architecture. Fortunately, this week Apple also put out its latest Platform Security Guide, which should help security researchers and companies protect against the latest and greatest macOS and iOS threats.

International hacking made the news this week as well. France tied Russia’s destructive Sandworm hackers to a campaign that exploited an IT monitoring tool from Centreon, a company based there. And the Department of Justice indicted three North Korean hackers this week, alleging their involvement in a sweeping series of heists and scams that includes the 2014 assault against Sony Pictures and attempted thefts totally $1.3 billion.

Elsewhere, we took a look at how to avoid phishing scams and how Parler got back online despite being cut off by the big tech companies. We published the latest installment of 2034, a novel that looks at a fictional future war with China that feels all too real. And you should set aside some time this weekend to read this excerpt from Nicole Perlroth’s This Is How They Tell Me the World Ends, which looks at the unlikely and previously untold origins of the market for so-called zero-day bugs.

And there’s more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.

To be extremely clear, the technique that we’re about to explain for sites to track you across the web—even if you clear your cache or use an incognito window—is one that researchers found, not necessarily one that sites are actually using, especially not at scale. (Then again, there’s not much these analytics companies won’t do.) The technique works by focusing on favicons, the little icon that your browser displays to represent the site you’re on. Because most browsers store those favicons separately from your browsing history and cookies, traditional means of avoiding tracking like using a private mode or clearing your cache don’t affect them. Which in turn means,…

Source…

Writing for the Web – Security Boulevard

/in


A guide for writing better technical articles + blog posts

Photo by Andrew Neel on Unsplash

One of the questions I get the most in my Twitter DMs is “How do I write better technical blog posts”?

Technical writing is a specialist skill, and I am by no means an expert. But over the past few years, writing my technical blog has taught me a lot about writing for the Internet. So today, here are my tips to help you produce better technical articles.

Simplify

Good writing is easy to read. This is especially true when writing on the Internet. On the Internet, your technical blog post has the potential to be shared anywhere in the world. You never know who will come across your content and what their background will be. Simple articles allow non-native speakers and novices to consume your article. Short sentences and paragraphs also make your article easier to read for people using mobile devices.

You want your content to be understandable by the largest group of readers. So it is essential to keep it simple. I am not suggesting that you dumb down your technical content. But you should try to use simple words and sentence structures whenever possible. Avoid jargon, abbreviations, and obscure references. And when you can explain something with one word, never use ten.

Next, simplify your sentences and paragraphs. The rule of thumb that I use is “one idea per sentence and one concept per paragraph.” Do not try to say too much in one go. Keep sentences short. If your sentence is getting too long, divide it up to two.

Chunk it up

Writing a blog post is not like writing a research paper or a book because the way people consume information on the Internet is different. When people read your blog posts, they might scan the entire article before committing time to reading it. They might be browsing Twitter or checking their phones at the same time. They might be reading your article on a tiny smartphone screen.

So when writing Internet content, it’s important to deliver a good digital experience. Divide your article up into easily digestible chunks. Ensure that each section is marked by appropriate headers and subheaders and that you are introducing concepts in a sequence…

Source…

A Billion-Dollar Dark Web Crime Lord Calls It Quits

/in


Just over a week ago, an employee at a water treatment plant in Oldsmar, Florida, noticed that the cursor on his screen started moving on its own. Soon it was clicking through controls, raising the supply of lye in the water supply from 100 parts per million to 1,100 ppm, enough to cause serious damage to human tissue. Fortunately, the employee moved quickly to revert things to normal levels. It is still unclear who was behind this dramatic hack, and it’s a sober reminder of how exposed so many industrial systems remain despite years of warnings.

Facebook also seems to have ignored warnings about the proliferation of Covid-19 scams on its platform; researchers this week exposed multiple scams they found on both the social media network and the messaging service Telegram.

Cyberpunk 2077 developer CD Projekt Red had already been battered by players frustrated with the game’s rampant bugs and poor gameplay on legacy consoles. This week it disclosed that ransomware was recently added to its list of woes, as a hacker group claimed to have stolen internal documents as well as source code for its most popular games. CD Projekt Red said it would not pay the ransom.

Microsoft finally patched a vulnerability that was first introduced into its Windows Defender antivirus product—recently renamed Microsoft Defender—at least 12 years ago. A barcode scanner app started serving up adware to its millions of users after an update in December. And be sure to read the third installment of 2034, the fictional tale of an all-too-real-sounding future war with China.

And there’s more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.

Since 2014, if you were in the market for a stolen credit card or identity on the dark web—or until recently out in the open—the Joker’s Stash has been your one-stop shop. According to analysis by blockchain analysis firm Elliptic, the operator of Joker’s Stash announced that they would close up shop this month after taking in what Elliptic pegs at over a billion dollars of cryptocurrency during their run. (It’s unclear whether JokerStash, the account that runs the marketplace, is…

Source…

Tech Q&A: Trying to stop the invasion of the web trackers | Lifestyles

/in


Q: I try to keep my Windows 10 PC free of unwanted software by running PC security (Malwarebytes) and cleaning (CCleaner) programs on my Windows 10 PC. I also use the DuckDuckGo search engine that doesn’t create profiles of its users.

Yet when I log into my Gmail account, my PC acquires about 200 to 300 web trackers (a type of software that monitors your online activity) that I have to remove using CCleaner. If I log into Facebook, I get another 300 to 400 trackers. If I spend a couple of hours online, I can accumulate 20,000 or more trackers, which is far more than my old Windows 7 PC gets.

Why does Windows 10 attract more tracking software, and what can I do to maintain my privacy?

— Cliff Grulke, Minneapolis

A: There are several reasons that your Windows 10 PC is overrun by web trackers, bits of software code that follow you online to help marketers learn more about you. Here are a few:

• Web trackers make money. Nearly all commercial websites use them to create an elaborate profile of your tastes and habits, a profile that the websites can use themselves or sell to others.

Your online movements are tracked by cookies (bits of code left in your web browser), Google and Facebook tracker software (that follows you even when you aren’t on their websites), session recorders (that record everything you do on a website), key-loggers (that record what you type into text boxes on a website, even if you don’t submit anything), beacons (invisible objects in a web page that record how many times you viewed that page) and “fingerprinting” (a record of the technical details of your computer that can be used to identify you.)

• While privacy advocates are aware of web trackers, most people aren’t. As a result, web tracking keeps expanding. A recent study showed that 87% of the most popular websites now track your movements, whether you sign in to the website or not (see tinyurl.com/yyy5qyas). (View the web trackers on any website at tinyurl.com/y2em59e6).

• Windows 10 may indeed attract more web tracker software, because it collects more personal information about you than earlier versions of Windows did. Microsoft shares some of that information…

Source…