Credit to Author: Paul Ducklin| Date: Tue, 25 Feb 2020 13:35:35 +0000
Fascinating research from SophosLabs into a wolf-in-sheep’s-clothing malware sample.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3g0vYIb_wLc” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Danny Bradbury| Date: Tue, 25 Feb 2020 11:47:17 +0000
That smart home speaker isn’t listening to everything you say, according to new research – but it is listening a lot more than it should.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/J0yh5jhzK8w” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Lisa Vaas| Date: Tue, 25 Feb 2020 11:22:04 +0000
Nonsense! says Google in response to a lawsuit filed by New Mexico’s AG, which accuses Google of violating COPPA’s child privacy laws.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cvVZ0VW5JqY” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Sharky| Date: Tue, 25 Feb 2020 03:00:00 -0800
It’s back when 5-inch floppy disks roamed the Earth, and a customer service tech sends a software update to a customer known to be a bit more than a little computer-challenged, says a pilot fish in the know. This involves physically mailing a stack of disks to the customer, along with a note saying to call the tech when she’s ready to install the update.
When the call comes, the tech is prepared to walk her through the installation step by step. After getting the computer booted up and verifying that the user has located disk No. 1, the tech says, “Insert the floppy disk into the disk drive, with the label facing up.”
Customer: “Done.”
Tech: “Type ‘A,’ and press the Enter key.”
Credit to Author: John E Dunn| Date: Mon, 24 Feb 2020 11:42:33 +0000
From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cpkLvAwmg9A” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000
Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.
Read moreCredit to Author: Malwarebytes Labs| Date: Mon, 24 Feb 2020 16:32:34 +0000
 | |
| A roundup of the previous week’s most notable security stories and events, including cloud identity management, a noteworthy Twitter scam-tastrophy, RobbinHood ransomware, and more. Categories: Tags: awisBlueKeepcatfishingChrome ExtensionCrypto scamsdeepfakeselectionsepic gamesfirmwareIDaaSidentity-as-a-serviceJamila KayaLokiBotransomwarescammerstwitterVoatzweek in securityweekly blog roundupYouTube hack |
The post A week in security (February 17 – 23) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jovi Umawing| Date: Mon, 24 Feb 2020 16:00:00 +0000
 | |
| What many don’t realize is that SMBs need the same level of protection from threats that are usually only afforded to enterprises. Managed service providers (MSPs) are the key to getting the protection and service they need while staying on budget. Categories: Tags: compliancemanaged service providersMSPMSPsransomwareSMBzero unemployment rate |
The post Why managed service providers (MSP) are critical for business continuity appeared first on Malwarebytes Labs.
Read more
Credit to Author: Jonny Evans| Date: Mon, 24 Feb 2020 06:06:00 -0800
Does your voice assistant wake up randomly when you are engaged in normal conversation, listening to radio, or watching TV? You’re not alone, and this may have serious implications in enterprise security policy.
“Anyone who has used voice assistants knows that they accidentally wake up and record when the ‘wake word’ isn’t spoken – for example, ‘seriously’ sounds like the wake word ‘Siri’ and often causes Apple’s Siri-enabled devices to start listening,” the Smart Speakers research study says.
Credit to Author: Lisa Vaas| Date: Mon, 24 Feb 2020 13:28:57 +0000
The company left a server open and unprotected, regurgitating private data slurped from thousands of surveilled people, including children.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/F2UPHduG6YE” height=”1″ width=”1″ alt=””/>
Read more