Security

Spellcheck is a blessing and a curse. On one hand you get instant feedback if you mistype something. On the other hand, it causes people not to know how to correctly spell. However, if users have opted-in to use Chrome’s Enhanced Spellcheck or Microsoft Editor (add-on) in Edge, users could unknowingly be sending Personally Identifiable Information (PII) to Google or Microsoft. Users can check if they opted-in to use Chrome’s Enhanced Spellcheck. by entering: chrome://settings/?search=Enhanced+Spell+Check in the Chrome address bar. Enhanced spell check setting in Chrome needs to be opted-in (BleepingComputer) Now you may be wondering what kind of PII could I…

Read More

Microsoft Edge Users Beware: Tech Support Scam via Newsfeed

Microsoft’s Edge Browser is built off of Chrome is the default (and if S Mode is enabled only) browser for Windows 10 and 11. Some users are being feed fake stories in their Microsoft Edge Newsfeed which when clicked-on can bring up a fake Microsoft Defender Security Center landing page with a toll-free number to call Microsoft. Alternatively, clicking the ‘ad’ may bring the user to a decoy page. This is yet another variation of the ever evolving and popular Tech Support Scams. These fake ads/stories have a catchy headline and picture such as ‘Man Finds a Hidden Cave Inside…

Read More

HP Inc. to Settle with EU Printer Customers over Dynamic Security Issues

HP promoted their Dynamic Security System to their customers as a way to “upgrade their experience and maintain the integrity of its printing systems.” Instead many consumers found their Internet connected HP printers turned into an expensive paper-weight when their devices refused to work. According to a US Class Action Lawsuit: In or around late October and early November, 2020, HP caused to be transmitted a firmware update containing malware designed to lock out then-compatible third-party supply cartridges. HP wrote, designed, and transmitted the firmware or a portion thereof solely for the purpose of disabling third-party supply cartridges, which were…

Read More

Your Search Data is Being Leaked to Advertisers

Ever notice how when you search for something on one site, you suddenly start seeing advertisements for that ‘something’ following you around wherever you go on the Internet? May be you don’t even really pay attention anymore because it is so common. Indeed it is very common: Security researchers have found that roughly eight out of ten websites featuring a search bar will leak their visitor’s search terms to online advertisers like Google. This practice has the implication of breaching the users’ privacy and leaking sensitive information to a massive network of third parties who can then use this data…

Read More

Tik Tok: We were NOT Hacked

TikTok the short-form video hosting service owned by Chinese company ByteDance is strongly denying claims it has been hacked. TikTok is denying reports that it was breached after a hacking group posted images of what they claim is a TikTok database that contains the platform’s source code and user information (via Bleeping Computer). In response to these allegations, TikTok said its team “found no evidence of a security breach.” “We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases,” TikTok spokesperson Maureen Shanahan said in…

Read More

Windows Defender Throwing False Win32/Hive.ZY Alert

Windows users world wide are in a panic today as Windows Defender is throwing a false Win32/Hive.ZY Alert when certain popular apps (including Microsoft’s own Edge browser) are opened. A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows. The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY. Microsoft is aware of the issue and is pushing out new security intelligence updates. To check for new security intelligence updates Search for and open Windows…

Read More

A ‘Physical’ DDOoS Attack

Typically when you hear about DDoS Attacks, you think of websites being brought down or crawling under the weight of superfluous requests. The hacktivist group Anonymous performed a ‘physicals’ DDoS attack of sorts on September 1st. They performed said ‘attack’ by exploiting the Russian ride-hailing app, Yandex Taxi tp summon dozens of taxis to Kutuzov Prospect in Moscow. “On the morning of September 1, Yandex.Taxi encountered an attempt by attackers to disrupt the service — several dozen drivers received bulk orders to the Fili region,” Yandex Taxi said in a statement to the Russian state-owned outlet TASS. The ride-hailing service, which is owned…

Read More

Chrome’s Manifest V3 and Ad Blockers

In January 2023 Google Chrome is going to block extensions still using the old Manifest V2 rules. An extension manifest outlines the permissions and abilities a developer includes in an extension for Chrome browser. From Google’s perspective, Manifest V3 comes to enhance user privacy and security by: Limiting extension access to user network requests. Forcing authors to include all functionality within the extension, ending the practice of hosting code remotely. Moving network request modifications from the extensions to the browser. Replacing background pages with dedicated service workers to improve browser performance. The unintended consequences of the new manifest is most of…

Read More

Malicious Chrome Extensions with 1.4M Installs

If you have any of the five below extensions installed in Chrome, remove them now! The five extensions flagged by McAfee purport to offer various services, including the ability to stream Netflix videos to groups of people, take screenshots, and automatically find and apply coupon codes. Behind the scenes, company researchers said, the extensions kept a running list of each site a user visited and took additional actions when users landed on specific sites. The extensions sent the name of each site visited to the developer-designated site d.langhort.com, along with a unique identifier and the country, city, and zip code of the…

Read More

Fake Amazon Drivers Stealing Replacement Credit Cards

I am not sure if this has been happening in other parts of the country our just in the Phoenix Metro area: PHOENIX (3TV/CBS 5) — Amazon and Capital One are investigating after Arizona’s Family uncovered a possible fraud scheme last week. The criminal acts seem too similar to be a coincidence. Different men wearing Amazon driver clothes act like they’re dropping off a package but steal a replacement credit card right after FedEx drops it off at Valley homes. This story takes me back to a somewhat similar experience I had happen to me about 4-years ago with credit card…

Read More