Page 85 of 88 FirstFirst ... 35758384858687 ... LastLast
Results 841 to 850 of 872

Thread: Cutting Edge Technology in the news

  1. #841
    Hmmmm, maybe a good reason to close my email accounts once and for all but unfortunately there are other options than taking drastic actions like that. I DO know that if I ever needed to go into rehab for something like "internet addiction"(don't look a me, I'm in denial), I would first make sure that they have Wi-Fi there.
    Last edited by A99; 07-21-2017 at 04:47 PM.
    HTML Code:
    For it is in giving that we receive.
    ~ St. Francis of Assisi

  2. #842
    Quote Originally Posted by A99 View Post
    Hmmmm, maybe a good reason to close my email accounts once and for all but unfortunately there are other options than taking drastic actions like that. I DO know that if I ever needed to go into rehab for something like "internet addiction"(don't look a me, I'm in denial), I would first make sure that they have Wi-Fi there.
    If your email address appears in the list, all you have to do is change your password(s).
    (Meaning: if you use the password for the hacked account on more than one account, you have to change it in all instances where it is used).
    An opinion should be the result of thought, not a substitute for it.
    - Jef Mallett

    Ignorance more frequently begets confidence than does knowledge.
    - Charles Darwin

  3. #843
    Thanks for the info Garuda. As for checking out that link, I'm going to pass on that, at least for today, as I'm not quite up to experiencing a sense of extreme violation which is what I'll be going through should my name pop up in that data search. Am putting a rain-check on that one. Till tomorrow.
    HTML Code:
    For it is in giving that we receive.
    ~ St. Francis of Assisi

  4. #844
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    10,228
    Blog Entries
    19
    YEARS undetected? Sounds like MAC could use better virus detection.


    “Perverse” malware infecting hundreds of Macs remained undetected for years


    By Dan Goodin

    A mysterious piece of malware that gives attackers surreptitious control over webcams, keyboards, and other sensitive resources has been infecting Macs for at least five years. The infections—known to number nearly 400 and possibly much higher—remained undetected until recently and may have been active for almost a decade.

    Patrick Wardle, a researcher with security firm Synack, said the malware is a variant of a malicious program that came to light in January after circulating for at least two years. Dubbed Fruitfly by some, both malware samples capture screenshots, keystrokes, webcam images, and information about each infected Mac. Both generations of Fruitfly also collect information about devices connected to the same network. After researchers from security firm Malwarebytes discovered the earlier Fruitfly variant infecting four Macs, Apple updated macOS to automatically detect the malware.

    The variant found by Wardle, by contrast, has infected a much larger number of Macs while remaining undetected by both macOS and commercial antivirus products.
    Story continues
    https://arstechnica-com.cdn.ampproject.org/c/s/arstechnica.com/security/2017/07/perverse-malware-infecting-hundreds-of-macs-remained-undetected-for-years/?amp=1
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  5. #845
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    10,228
    Blog Entries
    19
    Last week nearly 1 in 2 Americans had their personal data hacked at the Exerpien Credit Check agency.
    Some helpful hints on how to tell if YOU were hacked, and clues on how to protect yourself, if you were.


    What to do if your identity was stolen after the Equifax hack

    by Katie Lobosco

    At this point, it might be inevitable. Some of you will have your identities stolen.

    Nearly half of Americans had their personal information exposed during a breach at Equifax, the company announced last week.

    And it's just the latest hack. Sensitive data on about 80 million Anthem customers was accessed in 2015.

    These breaches are some of the worst because the information stolen (names, Social Security numbers, addresses) can be used by an imposter to open accounts in your name, steal your tax refund or your Social Security check.

    "This is a goldmine of information for a thief," said Chi Chi Wu, an attorney at the National Consumer Law Center.

    When your credit card number is stolen, it's easier to fix. You call the credit card company to close the card and get a new number. In most cases, you won't be responsible for the charges. Some of the victims of the Equifax hack did have their credit card numbers exposed. Equifax will notify you in the mail if this is the case.

    But the credit rating bureau won't notify you directly if you're one of the 143 million people whose more sensitive information was stolen. You must go online to EquifaxSecurity2017.com to find out.
    Story Continues
    .
    Direct Experian link to See if your personal information is potentially impacted.
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  6. #846
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    10,228
    Blog Entries
    19
    If you use the excellent PC Utility "CCleaner" aka Computer Cleaner, you might want to check the version.

    Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million Infected
    Thomas Fox-Brewster

    Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic.

    The affected app, CCleaner, is a maintenance and file clean-up software run by a subsidiary of anti-virus giant Avast. It has 2 billion downloads and claims to be getting 5 million extra a week, making the threat particularly severe, researchers at Cisco Talos warned. Comparing it to the NotPetya ransomware outbreak, which spread after a Ukrainian accounting app was infected, the researchers discovered the threat on September 13 after CCleaner 5.33 caused Talos systems to flag malicious activity.

    Further investigation found the CCleaner download server was hosting the backdoored app as far back as September 11. Talos warned in a blog Monday that the affected version was released on August 15, but on September 12 an untainted version 5.34 <SAFE TO USE> was released. For weeks then, the malware was spreading inside supposedly-legitimate security software.

    The malware would send encrypted information about the infected computer - the name of the computer, installed software and running processes - back to the hackers' server. The hackers also used what's known as a domain generation algorithm (DGA); whenever the crooks' server went down, the DGA could create new domains to receive and send stolen data. Use of DGAs shows some sophistication on the part of the attackers.

    Downplaying the threat?

    CCleaner's owner, Avast-owned Piriform, has sought to ease concerns. Paul Yung, vice president of product at Piriform, wrote in a post Monday: "Based on further analysis, we found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public, and we started an investigation process.
    Story Continues
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  7. #847
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    10,228
    Blog Entries
    19
    If you have a WiFi router on your home network, you may want to watch for a Manufacturer's Firmware update. Seems a new WiFi vulnerability has been discovered that may allow hackers access to WPA & WPA2 encryption keys.


    KRACK Attack Hacks All Wi-Fi Networks: What to Do

    by Paul Wagenseil Oct 16, 2017, 5:04 AM

    A severe flaw in the encryption protocols used by nearly all modern Wi-Fi networks could let attackers hijack encrypted traffic, steal passwords and even inject malware into smartphones and laptops.

    Dubbed KRACK, or Key Reinstallation Attack, by its discoverer, the flaw affects all widely used platforms: Windows, Mac, iOS, Linux and Android. Android 6.0 Marshmallow and later, and Linux kernel 2.4 and later, are especially hard-hit.

    Despite the severity of the flaw, it is rather difficult to implement. The user needs to be within Wi-Fi range of a smartphone or laptop to attack it. The attack does not work over the internet.

    What to Do

    Users should keep using encrypted Wi-Fi wherever necessary, such as at home and at work. However, you might want to avoid using the networks, even password-protected ones, in coffeeshops, hotels, airports and other public places for the time being.

    Fortunately, many Wi-Fi router and client-device makers have already or are about to issue patches...


    <SNIP>

    ...The flaw is not in the cryptography underlying WPA2 or its predecessor, WPA. Rather, it's in the implementation.

    When communicating with a client device to initiate a Wi-Fi connection, the router sends a one-time cryptographic key to the device. That key is unique to that connection, and that device. In that way, a second device on the same Wi-Fi network shouldn't be able to intercept and read the traffic to and from the first device to the router, even though both devices are signed into the same Wi-Fi network.

    The problem is that that one-time key can be transmitted more than one time. To minimize connection problems, the WPA and WPA2 standards let the router transmit the one-time key as many as three times if it does not receive an acknowledgement from the client device that the one-time key was received.

    Because of that, an attacker within Wi-Fi range can capture the one-time key, and, in some instances, even force the client device to connect to the attacker's bogus Wi-Fi network. The attacker can use the one-time key to decrypt much of the traffic passing between the client device and the router.

    Android 6.0 and later and recent versions of Linux are particularly vulnerable...
    Story Continues
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  8. #848
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    10,228
    Blog Entries
    19
    Google reveals some disturbing news about your password security.

    Google study shows how your account is most likely to be hijacked

    It found phishing to be the biggest threat to your online security.
    By Marcella Moon


    Security threats like phishing, keylogging and third-party breaches are pretty common knowledge. Google wanted to gain a better understanding of how hijackers steal passwords and other sensitive data in the wild, though, so it conducted an analysis of online black markets from March 2016 to March 2017. The result? It found that among the three, phishing poses the biggest threat to your online security. Together with credential leaks, the two represent a threat "orders of magnitude larger than keyloggers."

    The tech titan found 788,000 credentials that were stolen via keyloggers, 12 million stolen via phishing and 3.3 billion exposed by third-party breaches within a year of investigating black markets.
    Story continues
    https://www.engadget.com/2017/11/11/...-study-hijack/
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  9. #849
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    10,228
    Blog Entries
    19
    Intel Design flaw leaves system open to hacking on all Intel chips produced within the last 10 years. While I'm sure Intel is hoping for a software fix, this takes me back to the original Pentium (mid 1990s) whose flaw resulted in a Intel recall/replacement of ALL Pentium CPUs. What a mess that was!

    'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
    Other OSes will need an update, performance hits loom

    By John Leyden and Chris Williams

    A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

    Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

    Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down...
    Story Continues
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  10. #850
    Quote Originally Posted by calikid View Post
    Intel Design flaw leaves system open to hacking on all Intel chips produced within the last 10 years. While I'm sure Intel is hoping for a software fix, this takes me back to the original Pentium (mid 1990s) whose flaw resulted in a Intel recall/replacement of ALL Pentium CPUs. What a mess that was!

    'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
    Other OSes will need an update, performance hits loom

    By John Leyden and Chris Williams

    A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

    Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

    Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down...
    Story Continues
    I don't know whether it was related to this, but Microsoft just installed an emergency patch on my computer.
    And I do run virtual machines on this PC.
    An opinion should be the result of thought, not a substitute for it.
    - Jef Mallett

    Ignorance more frequently begets confidence than does knowledge.
    - Charles Darwin

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •