WordPress JetPack Exploit Hijacks Websites for Tech-Support Scam

Bad actors are using compromised WordPress.com accounts and the popular Jetpack plugin to add a malicious plug-in of their own that turns compromised websites into a vehicle for perpetrating a fake tech support scam.  Attackers are using stolen user names and passwords from other breaches and trying these credentials on WordPress.com to find accounts.  They are even searching whois records for website domain names registered with the same email account as the stolen user name.

Continue Reading →
0

Where Does Cell Phone Location Data Go?

Have you ever wondered what happens to the location information your smartphone is collecting about you?  Who has access to that information, and for what purpose?  As it turns out, as told in a recent report by Brian Krebs, this information is available to pretty much anybody.

A related article in Sophos’ Naked Security blog pointed to a Continue Reading →

0

Protecting Yourself from Browser Hacking

This week we have been investigating browser hacking, or the inadvertent disclosure of personal information that is saved and stored by your browser.  Today we will be showing several actions you can take to keep your information private.

The best way to protect yourself from a remote attacker is to prevent the remote access malware needed to access your computer from installing ...

Continue Reading →
0

Hacking Your Browser for Further Exploits

In our last post, we discovered the trove of personal information that our web browser saves automatically, in the form of cookies, temporary Internet files, code snippets, and stored passwords.  Today we learn how an attacker could use this information in further exploits against you.

Using the information stored in your browser, an attacker can build a detailed dossier ...

Continue Reading →
0

Hacking Your Browser for Personal Information

Did you know that web browsers such as Chrome, Edge, Firefox, Safari, and Internet Explorer save a lot of personal information that a cyber-attacker could us as research to build a web dossier about you, your likes, and your habits?  A personal dossier that could be used for a deeper attack?

Did  you know that web browsers store parts of web pages ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


FBI Releases IC3 2017 Internet Crime Report

05/07/2018 08:30 PM EDT  Original release date: May 07, 2018

FBI has released the Internet Crime Complaint Center (IC3) 2017 Internet Crime Report, which highlights scams trending online. The top three crime types reported by victims in 2017 were non-payment/non-delivery, personal data breach, and ...

Continue Reading →
0

Password Spraying is a New Type of Brute Force Attack

Password spraying is a new password exploit that is being used effectively against larger networks.  It’s become enough of a problem to merit an alert from US-CERT entitled TA18-086A: Brute Force Attacks Conducted by Cyber ActorsHere’s how it works.

Typically, in a traditional brute-force password attack, the password cracking software runs a long list of every possible password against a system.  In ...

Continue Reading →
0
Page 2 of 8 12345...»