consumer
Google ads for KeePass, Notepad++ lead to malware
Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme …
Researchers warn of increased malware delivery via fake browser updates
ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the …
Sic Permission Slip on data brokers that use your data
Permission Slip, an iPhone and Android app developed by Consumer Reports, helps users ask companies and data brokers to stop sharing their personal data and/or delete it. The …
Easy-to-exploit Skype vulnerability reveals users’ IP address
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose …
Surge in identity crime victims reporting suicidal thoughts
Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the …
Bogus OfficeNote app delivers XLoader macOS malware
A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample …
Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out
The overarching mission of the US-based non-profit organization the Tor Project is to advance human rights and make open-source, privacy preserving software available to …
Samsung, Vivo, Google phones open to remote compromise without user interaction
Several vulnerabilities in Samsung’s Exynos chipsets may allow attackers to remotely compromise specific Samsung Galaxy, Vivo and Google Pixel mobile phones with no user …
What a perfect day in data privacy looks like
Everyone wants extraordinary online experiences without sacrificing the security of their personal information. Yet according to Ping Identity’s 2022 Consumer Survey, 77% of …
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and …
LastPass says attackers got users’ info and password vault data
The August 2022 LastPass breach has resulted in potentially catastrophic consequences for the company and some of its users: attackers have made off with unencrypted customer …
All of Medibank’s stolen data leaked, Australia increases maximum penalties for data breaches
Australian health insurance provider Medibank has confirmed that another batch of the customer data stolen in the recent breach has been leaked. “We are conducting …