The security firm notes that despite the common misconception that Linux systems are intrinsically secure from threats, there has been a constant supply of “in the wild” examples that prove otherwise, most recently, the XZ Utils backdoor.
Category: InfoSec News
InfoSec News
To Share or Not to Share: How Elite Runners Manage Their Strava Profiles
Strava can be a useful tool for athletes, but we must be careful about what is shared and be aware of who might see your data. https://run.outsideonline.com/gear/running-tech/to-share-or-not-to-share-how-elite-runners-manage-their-strava-profiles/
The NSA advises you to turn your phone off and back on once a week – here’s why | ZDNET
That pricey and precious smartphone you carry with you can be hit by a host of security threats, from phishing to malware to spyware. All it takes is one successful attack to clobber your phone and compromise your data and even steal your identity. So, how do you protect yourself?
Cybercriminals pose as “helpful” Stack Overflow users to push malware
This approach serves as a reminder of the constantly changing tactics of cybercriminals and, unfortunately, illustrates why you can never blindly trust what someone shares online.
Hackers phish finance orgs using trojanized Minesweeper clone
Hackers are utilizing code from a Python clone of Microsoft’s venerable Minesweeper game to hide malicious scripts in attacks on European and US financial organizations.
FCC Reveals ‘Royal Tiger’ Robocall Campaign
An example of a transcript of a call that Royal Tiger feeds its victims is as follows: “This is an important call regarding illegal enforcement action being executed under your name for suspicious and fraudulent activities carried out using your identity.
Hackers Can Abuse Apple’s Wi-Fi Positioning System
A recent study by security researchers has revealed a major privacy vulnerability in Apple’s Wi-Fi Positioning System (WPS) that allows hackers to track the locations of Wi-Fi access points and their owners globally.
Google guru roasts useless phishing tests, calls for fire drill-style overhaul • The Register
The main argument against current phishing tests is “there is no evidence that the tests result in fewer incidences of successful phishing campaigns,” said Linton.