Tuesday, February 18, 2020
PC Mag

Malware Steals Data By Adjusting Screen Brightness

Malware on an air-gapped computer can transmit data like Morse code by changing screen brightness in a way that's invisible to the naked eye but easily recorded with a camera.
PC Mag

Hackers Pose as Wall Street Journal Reporter to Phish Victims

Watch out for suspicious interview requests. 'The main focus of this phishing campaign was stealing email account information of the victims, and finding information about their contacts/networks,' the cybersecurity experts at Certfa Lab warned on Wednesday.
PC Mag

Google Photos Videos Were Shared With Strangers

Google's Takeout service was designed to let people download their data, but accidentally sent videos from Google Photos accounts to strangers.
PC Mag

New Coronavirus Strain? Nope, Just Hackers Trying to Spread Malware

The hackers have been using files and emails that warn about a new coronavirus strain to trick users into opening them. Doing so can secretly deliver malware to the victim's machine.
PC Mag

Avast to End Browser Data Harvesting, Terminates Jumpshot

'As CEO of Avast, I feel personally responsible and I would like to apologize to all concerned," wrote Ondrej Vlcek following a PCMag-Motherboard investigation into the privacy risks around the data harvesting.
PC Mag

Avast Defends Data Harvesting, Plans to Get Users to Agree to It

On Tuesday, Avast responded to a PCMag-Motherboard investigation into the company's browser history collection practices, saying it was entirely legal. Avast users should expect to see a prompt from the antivirus products, asking them to consent to the data...
PC Mag

Net Nanny

Net Nanny boasts customizable web filters along with solid screen time and app blocking features, but it's a bit pricey and suffers from a sub-standard web interface.
PC Mag

Save 30 Percent on Keeper, Never Click ‘Forgot Password’ Again

The password-fatigued masses will be pleased to find Keeper's new 30 percent off deal, which brings it down to $20.99 per year from its typical $29.99.
PC Mag

The Cost of Avast’s Free Antivirus: Companies Can Spy on Your Clicks

Avast is harvesting users' browser histories on the pretext that the data has been 'de-identified,' thus protecting your privacy. But the data, which is being sold to third parties, can be linked back to people's real identities, exposing...
PC Mag

Oops! Microsoft Briefly Leaked 250M Customer Support Records

The records involved conversation logs between Microsoft support agents and customers across the globe, dating back to 2005. Most of the records were redacted of customer contact information, but not all.
PC Mag

After Bezos Phone Hack, UN Points Finger at Saudis, Calls for Probe

According to a recent forensic analysis, a WhatsApp account from the Saudi Crown Prince Mohammed bin Salman allegedly sent government-bought spyware to Bezos' phone in May 2018, two UN human rights experts said on Wednesday.
PC Mag

Report: Hack of Amazon’s CEO Phone Tied to Saudi Prince

The stunning allegation reportedly comes from a forensic analysis Amazon CEO Jeff Bezos commissioned to determine the culprit behind the hack, which resulted in his private photos ending up in the hands of the National Enquirer.
PC Mag

Report: Apple Dropped Plans for Fully-Encrypted iCloud Backups

Six sources confirmed Apple changed its mind on end-to-end encrypted backups two years ago following an FBI complaint and concerns users could lose access to their own data.
PC Mag

Feds Seize WeLeakInfo.com for Selling Access to Stolen Data

The FBI seizes the internet domain to WeLeakInfo.com, a site that was cataloging billions of records, such as email addresses and passwords, from more than 10,300 data breaches at various companies and service providers.
PC Mag

Bad Flaw in Windows 10 Also Affects Chrome Browser

Security researchers are demonstrating how you can use the Windows 10 flaw, CVE-2020-0601, to spoof the trusted digital certificates for official website domains on Google's Chrome browser. These same certificates can warn you about hacking attempts.
PC Mag

Google’s Advanced Protection Expands to Phone-Only Users

Google had made it easier to join the company's Advanced Protection Program, which is designed to stop the most sophisticated hackers from breaking into your Gmail account. Before you needed two security keys to enroll. Now you just need...
PC Mag

17 Android Apps Caught Hiding and Displaying Aggressive Ads

Bitdefender found the apps used a number of different techniques to dodge Google Play's vetting system allowing them to be installed over 550,000 times.
PC Mag

Windows 10 Flaw Lets Malware Disguise Itself as Legit Software

The National Security Agency is urging users, especially enterprises, to install the patch from Microsoft. In the wrong hands, the vulnerability can be used to spoof the digital certificates software companies use to verify that their applications are authentic.
PC Mag

Steganos Safe

Steganos Safe creates secure encrypted storage for your sensitive files. It's very easy to use, and it offers some unique options for maintaining privacy and secrecy.
PC Mag

Hackers Are Abusing a Bug in Firefox to Take Over Computers

'We are aware of targeted attacks in the wild abusing this flaw,' Mozilla said in the advisory. It's not clear how the hackers were exploiting the bug, but they likely created a malicious website to trigger the flaw.

Sensitive plastic surgery images exposed online

Researchers at VPN advisory company vpnMentor have found yet another online data exposure caused by a misconfigured cloud database.

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.

12 hottest new cybersecurity startups at RSA 2020

Starting on February 24, the RSA Conference (RSAC) 2020 gives security vendors old and new a chance to demonstrate their capabilities. The event has become an attractive venue for startups to make their debut. This year’s crop will be...

Hundreds of Millions of PC Components Still Have Hackable Firmware

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made.

Remote Wipe Plugin Bug Hits 200,000+ WordPress Sites

Remote Wipe Plugin Bug Hits 200,000+ WordPress SitesSecurity researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker. The problem lies with versions 1.3.4 and...