Security Alerts

Windows Defender Throwing False Win32/Hive.ZY Alert

Windows users world wide are in a panic today as Windows Defender is throwing a false Win32/Hive.ZY Alert when certain popular apps (including Microsoft’s own Edge browser) are opened. A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows. The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY. Microsoft is aware of the issue and is pushing out new security intelligence updates. To check for new security intelligence updates Search for and open Windows…

Read More

Samsung Data Breach: Hackers Obtained Customer Data

Yet again a major international corporation has been the victim of a date breach. While Samsung has disclosed hackers did obtain “Customer Data” early reports indicate (for now) the type of data obtained was not that major. The company says that Social Security numbers, as well as credit and debit card numbers, were not accessed. However, the event “may have affected information such as name, contact and demographic information, date of birth and product registration information.” It hasn’t revealed how many people may have been affected. The company is notifying some customers directly via email. Samsung says someone gained unauthorized…

Read More

Malicious Chrome Extensions with 1.4M Installs

If you have any of the five below extensions installed in Chrome, remove them now! The five extensions flagged by McAfee purport to offer various services, including the ability to stream Netflix videos to groups of people, take screenshots, and automatically find and apply coupon codes. Behind the scenes, company researchers said, the extensions kept a running list of each site a user visited and took additional actions when users landed on specific sites. The extensions sent the name of each site visited to the developer-designated site d.langhort.com, along with a unique identifier and the country, city, and zip code of the…

Read More

Fake Amazon Drivers Stealing Replacement Credit Cards

I am not sure if this has been happening in other parts of the country our just in the Phoenix Metro area: PHOENIX (3TV/CBS 5) — Amazon and Capital One are investigating after Arizona’s Family uncovered a possible fraud scheme last week. The criminal acts seem too similar to be a coincidence. Different men wearing Amazon driver clothes act like they’re dropping off a package but steal a replacement credit card right after FedEx drops it off at Valley homes. This story takes me back to a somewhat similar experience I had happen to me about 4-years ago with credit card…

Read More

LastPass Hacked (again)

Password manager service LastPass has notified users their (LastPass) system has been hacked (again). Since 2015 LastPass has its host of security issues, but then again who hasn’t? While LastPass has not ‘advise their users to change their master password (which it is very odd as that precaution is usually what most companies tell their users to do when there has been a ‘security breach’) it still a good idea for users to do this even if it is just out of an abundance of caution. In the announcement sent via email and posted to its blog, the company describes the…

Read More

The ‘Tech Support’ and ‘Refund’ Scams

Today I am going to cover something a little different, yet still tech related. This from the ‘dark or evil’ side of tech, the ‘Tech Support’ and ‘Refund’ or ‘Gift Card’ Scams.  Both of these while having a different ‘hook’ end the same, hours later the victim is handing over large sums of money (sometimes their entire savings) to the scammer and the scammer has complete access to their computer and/or phone. You may have heard about these and even wondered how they work and for that matter why do people fall for them. At the end of this post…

Read More

Understanding Extension Permission Requests

Those who have used Google Chrome are already familiar with permission requests when a browser extension is installed. However, this is a relatively new feature in Firefox, which was added with Firefox 57 released in Mid-November 2017. The Mozilla Add-ons Blog gives a very thorough explanation about extension permissions and even address the ‘scary’  Access your data for all websites permission.

Read More

Google to Ban WoSign and StartCom Certificates

Following in the footsteps of Mozilla and Apple, Google is going to be removing all trust for WoSign and StartCom Certificates with Chrome 61 (current  version is 59) as well as Android browser. Mozilla has been very aggressive in enforcing their Mozilla’s CA Certificate Policy as was the case in April 2015 with the Firefox 37.0.1 release which Mozilla banned China Internet Network Information Center (CNNIC) issued Certificates. Once again another China based CA has ‘misbehaved’: About a year ago, Mozilla uncovered that a Chinese Certificate Authority (CA) called WoSign had a number of technical and management failures, which included…

Read More

We’ve Broke Windows 7, So Why Not Get Windows 10?

I am not making this up. Microsoft MSFT 454,46 +2,87 +0,64% almost as if in an attempt to get users of Windows 7 to go out and buy a new Windows 10 machine has intentionally broke Windows 7 for users with Asus ASUUY 91,23 0,00 0,00% system boards. Windows update KB3133977 which use to be an “Optional” but recently became a ‘Recommended’ update. This update enables secure boot on Windows 7 (a feature that was previously disabled). Older PC’s with Asus boards don’t support secure boot, which will cause users to get the below red screen upon first bootup after…

Read More

Time to remove QuickTime for Windows

Apple APL 0,05 +0,00 +4,55% has ended support for QuickTime for Windows earlier this year. QuickTime 7 was only supported for Windows 7 and older. These users may want to make sure QuickTime is not still installed, especially if they are/were an iTunes user as it was part of the bloat that was installed with iTunes. There are at least two ‘possible’ exploits with the QuickTime 7 for Windows. via grand stream dreams

Read More