Quantum computing is on the horizon. Unfortunately, it's been on the horizon for at least two decades. It's one of those technologies that's always "just around the corner." In recent years, however, several important strides have been made. Although quantum computing isn't exactly mainstream, great strides have been made where the technology is concerned. There's a missing link, however. It's...
According to ongoing research by Group-IB, a massive phishing campaign is currently underway. This is a campaign that has impacted no less than 130 organizations across a broad range of industries. These include but are not limited to professional recruiting firms and companies connected to finance and technology. Some of the companies targeted include giants in their respective fields such...
Do you make use of the "MyChart" portal to refill prescriptions, contact your healthcare providers or make appointments? If so, you should know that recently, the healthcare giant Novant disclosed a data breach that impacted more than 1.3 million patients. Impacted patients had their personal information collected by a Meta Pixel ad tracking script. Meta Pixel, which was formerly known...
Using different passwords on every website and storing them in a secure password manager is a standard best practice in data security. It's generally good advice, but what happens when the makers of password vaults get hacked? That's what the more than twenty-five million users of LastPass are now finding out. LastPass is one of the largest password vaults in...
Do you have the Kali Linux distribution running on one of the machines you own? If you're not sure what that is, then you almost certainly don't. Kali is a Linux distro used mostly by "ethical hackers" who use it mainly to perform security audits, cybersecurity research, penetration testing and the like. Offensive Security has recently released an update to...
MacOS features a powerful sandbox restriction that helps keep modern Apple computers safe by limiting how code can run on the system. Unfortunately, no system is bullet proof. There's a way that a determined attacker could bypass sandbox restrictions and execute malicious code arbitrarily. Engineers at Microsoft discovered the vulnerability, and independent security researcher Arsenii Kostromin discovered it independently. Both...
If you own a Lenovo laptop, be aware that researchers at ESET have recently discovered a trio of bugs reported to Lenovo that could allow an attacker to disable security features and hijack your operating system. The issues are tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892 and are all classed as medium severity level. The first of these is an issue...
Does your company use Microsoft 365? If so, and you've noticed that your Office apps have begun to crash mysteriously and inexplicably, be aware that the latest update (build 15330.20298) is the culprit. Unfortunately, the bug was introduced in the Enterprise channel during the company's regularly scheduled "Patch Tuesday." The error manifests itself when users try to open a contact...
The Internet of Things (IoT) has seen explosive growth in recent years. If you like, you can now build your own smart home with intelligent toasters, washing machines, dishwashers, and refrigerators. They are all connected to your home network, and they all make vast amounts of data available to you at your fingertips. Unfortunately, security is slim to non-existent on...
Security researchers at Unit 42, a division of Palo Alto Networks, have been tracking the efforts of a massive campaign aimed at Elastix VoIP telephony servers. They are used by companies of all shapes and sizes to unify their communications, and it is especially attractive because it can be used with the Digium phones module for FreePBX. So far, the...
