Tuesday, March 31, 2020
PC Mag

Malware Steals Data By Adjusting Screen Brightness

Malware on an air-gapped computer can transmit data like Morse code by changing screen brightness in a way that's invisible to the naked eye but easily recorded with a camera.
PC Mag

Hackers Pose as Wall Street Journal Reporter to Phish Victims

Watch out for suspicious interview requests. 'The main focus of this phishing campaign was stealing email account information of the victims, and finding information about their contacts/networks,' the cybersecurity experts at Certfa Lab warned on Wednesday.
PC Mag

Google Photos Videos Were Shared With Strangers

Google's Takeout service was designed to let people download their data, but accidentally sent videos from Google Photos accounts to strangers.
PC Mag

New Coronavirus Strain? Nope, Just Hackers Trying to Spread Malware

The hackers have been using files and emails that warn about a new coronavirus strain to trick users into opening them. Doing so can secretly deliver malware to the victim's machine.
PC Mag

Avast to End Browser Data Harvesting, Terminates Jumpshot

'As CEO of Avast, I feel personally responsible and I would like to apologize to all concerned," wrote Ondrej Vlcek following a PCMag-Motherboard investigation into the privacy risks around the data harvesting.
PC Mag

Avast Defends Data Harvesting, Plans to Get Users to Agree to It

On Tuesday, Avast responded to a PCMag-Motherboard investigation into the company's browser history collection practices, saying it was entirely legal. Avast users should expect to see a prompt from the antivirus products, asking them to consent to the data...
PC Mag

Net Nanny

Net Nanny boasts customizable web filters along with solid screen time and app blocking features, but it's a bit pricey and suffers from a sub-standard web interface.
PC Mag

Save 30 Percent on Keeper, Never Click ‘Forgot Password’ Again

The password-fatigued masses will be pleased to find Keeper's new 30 percent off deal, which brings it down to $20.99 per year from its typical $29.99.
PC Mag

The Cost of Avast’s Free Antivirus: Companies Can Spy on Your Clicks

Avast is harvesting users' browser histories on the pretext that the data has been 'de-identified,' thus protecting your privacy. But the data, which is being sold to third parties, can be linked back to people's real identities, exposing...
PC Mag

Oops! Microsoft Briefly Leaked 250M Customer Support Records

The records involved conversation logs between Microsoft support agents and customers across the globe, dating back to 2005. Most of the records were redacted of customer contact information, but not all.
PC Mag

After Bezos Phone Hack, UN Points Finger at Saudis, Calls for Probe

According to a recent forensic analysis, a WhatsApp account from the Saudi Crown Prince Mohammed bin Salman allegedly sent government-bought spyware to Bezos' phone in May 2018, two UN human rights experts said on Wednesday.
PC Mag

Report: Hack of Amazon’s CEO Phone Tied to Saudi Prince

The stunning allegation reportedly comes from a forensic analysis Amazon CEO Jeff Bezos commissioned to determine the culprit behind the hack, which resulted in his private photos ending up in the hands of the National Enquirer.
PC Mag

Report: Apple Dropped Plans for Fully-Encrypted iCloud Backups

Six sources confirmed Apple changed its mind on end-to-end encrypted backups two years ago following an FBI complaint and concerns users could lose access to their own data.
PC Mag

Feds Seize WeLeakInfo.com for Selling Access to Stolen Data

The FBI seizes the internet domain to WeLeakInfo.com, a site that was cataloging billions of records, such as email addresses and passwords, from more than 10,300 data breaches at various companies and service providers.
PC Mag

Bad Flaw in Windows 10 Also Affects Chrome Browser

Security researchers are demonstrating how you can use the Windows 10 flaw, CVE-2020-0601, to spoof the trusted digital certificates for official website domains on Google's Chrome browser. These same certificates can warn you about hacking attempts.
PC Mag

Google’s Advanced Protection Expands to Phone-Only Users

Google had made it easier to join the company's Advanced Protection Program, which is designed to stop the most sophisticated hackers from breaking into your Gmail account. Before you needed two security keys to enroll. Now you just need...
PC Mag

17 Android Apps Caught Hiding and Displaying Aggressive Ads

Bitdefender found the apps used a number of different techniques to dodge Google Play's vetting system allowing them to be installed over 550,000 times.
PC Mag

Windows 10 Flaw Lets Malware Disguise Itself as Legit Software

The National Security Agency is urging users, especially enterprises, to install the patch from Microsoft. In the wrong hands, the vulnerability can be used to spoof the digital certificates software companies use to verify that their applications are authentic.
PC Mag

Steganos Safe

Steganos Safe creates secure encrypted storage for your sensitive files. It's very easy to use, and it offers some unique options for maintaining privacy and secrecy.
PC Mag

Hackers Are Abusing a Bug in Firefox to Take Over Computers

'We are aware of targeted attacks in the wild abusing this flaw,' Mozilla said in the advisory. It's not clear how the hackers were exploiting the bug, but they likely created a malicious website to trigger the flaw.

Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC

Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.

Defense Evasion Dominated 2019 Attack Tactics

Researchers mapped tactics and techniques to the MITRE ATT&CK framework to determine which were most popular last year.

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.

OpenWRT is vulnerable to attacks that execute malicious code

Enlarge (credit: OpenWRT) For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
SC Magazine

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...