RSS Reader for Computer Security Articles

Credit to Author: Andy Greenberg| Date: Thu, 04 Apr 2024 09:00:00 +0000
As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his methods.
Credit to Author: BrianKrebs| Date: Mon, 15 Apr 2024 14:51:17 +0000
The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.
Credit to Author: Andy Greenberg, Matt Burgess| Date: Wed, 03 Apr 2024 13:54:14 +0000
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.
Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2024 20:48:06 +0000
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.
Credit to Author: Dan Goodin, Ars Technica| Date: Tue, 02 Apr 2024 08:00:00 +0000
Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.
Credit to Author: BrianKrebs| Date: Wed, 10 Apr 2024 14:28:17 +0000
On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.
Credit to Author: Dell Cameron, Andrew Couts| Date: Mon, 01 Apr 2024 21:22:02 +0000
To settle a years-long lawsuit, Google has agreed to delete “billions of data records” collected from users of “Incognito mode,” illuminating the pitfalls of relying on Chrome to protect your privacy.