An extra layer of security never hurt anybody, and now you can turn your phone into a physical security key. Google has announced that any smartphone running Android 7.0 (Nougat) or later can now be used as a hardware security key for two-factor authentication (2FA). Available in beta at the moment, the new feature is intended … More Your Android phone can now double as a security key
Some users of Microsoft’s web-based email services such as Outlook.com had their account information exposed in an incident that, as it later emerged, also impacted email contents. Microsoft has acknowledged a security incident that, for almost three months, gave hackers access to information related to an unknown number of email accounts on the tech giant’s … More Microsoft reveals breach affecting webmail users
More than 50 universities in the United Kingdom had their cyber-defenses tested by ethical hackers, and the ‘grades’ aren’t pretty. A team of ethical hackers recently conducted tests on the cybersecurity defenses of more than 50 universities in the United Kingdom. In each case, it took them less than two hours to gain access to … More Hackers crack university defenses in just two hours
The new wireless security protocol contains multiple design flaws that hackers could exploit for attacks on Wi-Fi passwords. WPA3, a new Wi-Fi security protocol launched in June 2018, suffers from vulnerabilities that make it possible for an adversary to recover the password of a wireless network via “efficient and low cost” attacks, according to a new academic … More WPA3 flaws may let attackers steal Wi-Fi passwords
ESET continues to warn users of fraudulent e-mail messages that seek to extort money, especially from people watching online pornographic videos. The attacker in the email claims they have hacked the intended victim’s device and has recorded the person while watching pornographic content. The email also asserts that the video has not only captured the … More ESET records a wave of multi-lingual e-mail based (s)extortion scams scaring victims into payment
Streaming media feature among services that take the spotlight in a report on credential-stuffing attacks in 2018. Hackers made 30 billion attempts last year that involved testing out purloined or leaked login details en masse in a bid to invade other people’s online accounts, reads a report by content delivery network provider Akamai. In automated attacks called … More Credential-stuffing attacks behind 30 billion login attempts in 2018
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users. Early in March 2019, a new macOS malware sample from the OceanLotus group was uploaded to VirusTotal, a popular online multi-scanner service. This backdoor executable bears the same features as the previous macOS variant we looked … More OceanLotus: macOS malware update
