Archive

Share Google SMTP relay service is wildly popular and used every day by legions of users.  Unfortunately, hackers around the world are aware of this and increasingly they've begun abusing the SMTP relay service. The basic idea is as follows. Some clever hackers have figured out that they can bypass email security products and deliver malicious emails to their intended targets if they take advantage of certain weaknesses in Google's SMTP relay service. Researchers at the [...]

Read more

Share Google has been making some fantastic changes to bolster user security in recent weeks. That includes changes to their Google Play Store that will require developers to disclose exactly what data they plan to track and collect when users install the apps they create. In a related vein, the tech giant has also recently added some powerful new security features to Google Docs, Sheets, and Slides that now display warning banners any time users attempt to open a suspicious file on [...]

Read more

Share Ask just about any IT security professional and they will tell you that weak user passwords are one of the biggest problems and most persistent threats to corporate networks. Despite years of training, re-training, and near-constant reminders to strengthen passwords, users keep making the same mistakes. They'll re-use the same password across multiple properties. They may use an incredibly weak and easy to guess password that makes it easy for hackers to break in using simple[...]

Read more

Share Some interesting and disturbing changes are afoot in the hacking world.  It appears that the TrickBot gang is now working for the Conti Syndicate. TrickBot is a well-known group of botnet developers responsible for the creation of the BazarLoader. BazarLoader has been used by Conti in the past as their delivery system of choice when it comes to delivering ransomware as part of one of their sophisticated phishing campaigns. Now though, the Conti Syndicate has a new tool at [...]

Read more

A handy new Google Assistant is coming soon to a device near you.  The new feature is designed to automate the frustrating and often time-consuming task of changing your passwords after a breach. This information is according to a tweet from Max Weinbach and a separate report from a group called the Android Police. Google has already implemented a powerful tool to detect when users are making use of passwords that have been compromised in a breach.  This new feature will [...]

Read more

Share Netflix has been talking about cracking down on password sharing for years.  So far, it's been just talk. Recently, the company suffered its first decrease in subscribers in recent memory. They lost more than 200,000 in the first quarter of 2022. That is a fact which sent their stock price reeling. According to the company's estimates, some 100 million households are currently sharing their passwords. It's a safe bet that now the company is serious about it, so you can [...]

Read more

Share There's a new hacking campaign underway that you need to be aware of especially if you or anyone you know is interested in upgrading to Windows 11. The campaign appears to be a legitimate offer from Microsoft and it gives users the opportunity to upgrade to Windows 11 for free. Unlike many campaigns of this type, this one distinguishes itself in that it does not rely on emails that spoof the Microsoft brand.  Rather, it leverages "poisoned" search results that leads a [...]

Read more

Share If you rely on a Microsoft Exchange server to handle email for your company, there is something you should be aware of. Recent research by security and analytics company Varonis has discovered that an affiliate of Hive ransomware has begun targeting Exchange servers that are vulnerable to ProxyShell security issues. If the group in question finds a vulnerable server, they'll install a variety of backdoors including Cobalt Strike beacon. That allows them to come back later and [...]

Read more

Share Considered to be social media for professionals, LinkedIn is an invaluable tool for millions of people all over the world and a great way to make a wide range of professional connections. Unfortunately, hackers and scammers are aware of this fact and tend to gravitate to it as well. They are hoping to take advantage of the unsuspecting.  Recent research from the cybersecurity company Check Point reveals that LinkedIn has become the most spoofed brand in phishing attacks. [...]

Read more

Share The owners of the Qbot botnet are changing things up.  The botnet's normal Modus Operandi for distributing their signature Qbot malware has been to push their malicious code via phishing emails which contain Microsoft Office documents laden with poisoned macros. More recently though, the group behind the botnet has switched to phishing emails carrying password-protected ZIP files which contain malicious MSI Windows Installer packages. It's the first time we've seen this [...]

Read more