Security Alerts

Fake Elon: ‘1000 new followers’ get ‘5000 BTC’

Twitter users who have recently started following Elon Musk, Tesla and/or SpaceX are being lured into a Crypto giveaway scam ‘Freedom Giveaway”. These users are being added to a “Deal of the Year” list shortly after they start following one of Musk’s Twitter feeds. For most Twitter accounts, including Musk’s, the list of their followers is public and can be monitored by anyone including bots and threat actors for nefarious purposes. New Musk followers are being added to a “Deal of the Year” list on Twitter that lures them into depositing small crypto amounts into the attackers’ wallet with the false promise of receiving up to 5000 Bitcoin in return….

Read More

Twitter iOS App: Privacy Settings not working.

Things are starting to look up for Twitter with advertisers returning and the App to remain on the App Store. However, there are major problems with the Twitter iOS app when it comes to privacy settings: they are not working. Hmm…how could no one seen this coming? This is exactly what happens when three-quarters of your staff is gone either being fired, laid off or quits…shit starts breaking. In this case it is major stuff such protecting tweets or toggle direct message privacy settings. User on iOS are reporting a pop-up will appear that says “some settings failed to save.”…

Read More

More Malicious Android Apps found on Google Play

This seems to be getting way too fairly common. The good news is if users have Google Protect enabled (which they would by default unless they go in and disable it), these malicious apps will be removed from their device once Google removes the offending app from Google Play. Users should follow the old advice, “if it sounds too good to be true…don’t install it” when it comes to apps. Also, check the reviews as well as the developers site before installing (especially if you are paying for said app). One app illustrated by Dr. Web that has amassed one…

Read More

Weekly Roundup: The Good, The Bad and The Ugly

Today is Sunday, December 4th: time for the weekly roundup of the good, the bad and the ugly tech news of the week! Because of the US Thanksgiving holiday, there was not a weekly roundup this past weekend. Also, since there has been so much focus on Twitter lately, they will be excluded for this (and likely future) roundups so that we can bring attention to other news. The Good Google has admitted they need to do a better job of patching Android phones. While the exploits are being fixed quickly, however the updates are not getting pushed out to…

Read More

Google Pushes Out Another Chrome Update

This is the second update in a little over a week. This updates covers Windows, Mac and Linux and address a single high-severity security flaw. “Google is aware of reports that an exploit for CVE-2022-4262 exists in the wild,” the search giant said in a security advisory published on Friday. According to Google, the new version has started rolling out to users in the Stable Desktop channel, and it will reach the entire user base within a matter of days or weeks. Users can check for updates via Chrome menu > Help > About Google Chrome. via Bleeping Computer

Read More

LastPass Hacked as result of August 2022 Hack

Troubling times for password manager LastPass users. The company announced back in August 2022 they had been hacked which was downplayed by the company as a “compromised developer account, through which part of LastPass’s source code and proprietary technical info were taken.” Worse of all they had advised users not to change their master passwords’. Now the company has experienced a second related hack, this time impacting customers. As reported Wednesday on its blog, LastPass recently detected unusual activity within a third-party cloud storage service. An investigation has so far revealed that the breach stemmed from knowledge gained during the August…

Read More

Fake Android File Manager Apps Removed from Google Play

Once again scammers are getting creative in findings way to get their fake and malicious apps on Google Play. Unsuspecting users install said apps with false sense of security since the apps is offered on Google Play it must be safe (which in most case is true). In the past, most of these malicious apps were more of an annoyance serving adware and performing (ad) click fraud. However, these new fake Android ‘File Manager’ apps are a lot more serious and dangerous. These apps are “clean” when they are uploaded to Google Play, but once install will later ‘phone home’…

Read More

Weekly Round-up: The Good, The Bad and The Ugly

Today is Sunday, November 13th: time for the weekly roundup of the good, the bad and the ugly tech news of the week! The Good In a rare instance Microsoft has made it into ‘The Good’ category this week. Microsoft’s newly released tablet computer, Surface 9 Pro has been found to be much easier to repair than previous models. Furthermore, Microsoft is providing repair manuals and expect to have a large availability of parts on the market in the first half of 2023. The Bad Most people are not aware Flash is dead (replaced by HTML 5) and Adobe Flash…

Read More

Beware installing Extensions outside of Chrome Web Store

A new malicious Google Chrome and Microsoft Edge browser botnet named ‘Cloud9’ is infecting systems across the world. Users are unknowingly installing this botnet via malicious extensions downloaded from outside the Chrome Web Store. More commonly, users are blinding installing an update to Adobe Flash Player via malicious and faske pop-up when visiting certain none-reputable sites. A reminder, In case you were not aware Adobe ended support for Flash Player nearly 2-years ago on December 30, 2020.  Also, Google Chrome had its own built-in Flash Player support which did not require the user to install any plugins. The malicious Chrome…

Read More

Four More Malicious Adware Apps Discover on Google Play

Here we go again, more malicious apps serving adware, preforming click-fraud and trying to trick mobile users into installing malware were discovered by Malware Bytes. These fours apps are on Google Play in a developer’s account: Mobile apps Group.  These four fraudulent apps have accumulated over 1-Million combined installs. A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing users sites that steal sensitive information or generate ‘pay-per-click’ revenue for the operators. Some of these sites offer victims to download fake security tools or updates, to trick users into installing…

Read More