What's old is new again. Hackers have recently begun re-deploying a decade-old trick called 'ZeroFont' to get around Microsoft's security filters and deliver phishing and spam emails to Office 365 email accounts. The gimmick? Zero-point fonts. As anyone with even passing familiarity to Office 365 knows, if you're drafting a document, you can change the font size to suit your tastes and preferences. What few people realize is that you can use html code to set your font to zero-point … Read more
Most “Wannacry” Hacks Were On Windows 7 Machines
Last year's Wannacry attack was bad, but in many ways, it was a self-inflicted wound. According Webroot's recently published "Annual Threat Report," almost all of the machines that succumbed to the Wannacry attack were running Windows 7. That attack is estimated to have caused in excess of $4 billion in total losses. The central problem is that businesses have been much slower than individuals to make the shift from Windows 7 to the much more secure Windows 10. For example, in January … Read more
Amazon Removing Music Storage Service At End Of April
If you use Amazon's Cloud MP3 Locker to store your music online, now is the time to start looking for a new home for it. Last year, the company announced that they were ending the service, but didn't provide a firm date. April 30, 2018 will be the last day you'll be able to access your music if you don't take action. Back in December, the company stopped allowing users to upload new tracks to their music storage system, which users were formerly allowed to store up to 250 songs for … Read more
Facebook Post Removals May Soon Get An Appeals Process
There are some big changes coming to Facebook, which may have some serious unintended consequences. In a recent interview, Mark Zuckerberg indicated that he's considering allowing users to independently appeal to the content moderation team if their posts get taken down for violating various community policies. On the surface of it, this seems like it would be a good thing. Zuckerberg said that the move is designed to give people in the Facebook communities what they want, rather than … Read more
Huge Spike in Malware With Mining Capabilities
There's a new type of hacking attack to be concerned with, and it's growing by leaps and bounds. Called "Crypto-Jacking," it's a process by which malicious code is placed on websites. When the sites are visited, the code secretly siphons off a portion of the affected user's PC, laptop, or smartphone's processing power and uses it to mine for various cryptocurrencies so that the hackers can profit from it. Kevin Haley, the Director of Symantec's Security Response Team, had this to say about … Read more
MyFitnessPal User Information Data Breach Affects 150 Million
Another week, another high-profile data breach. This time, it's Under Armour in the hot seat. Under Armour acquired the MyFitnessPal app back in February 2015, and the company recently announced that their new acquisition was hacked in late February 2018. So far, the company is taking all steps we've come to see as usual in these circumstances. They've notified their user base about the scope and scale of the attack, which impacted a hefty 150 million users. In conjunction with the … Read more
Another Google Service Is Going Away
If you are a fan of, and regularly use Goo.gl (the URL shortener service), brace for impact. The company has announced that as of March 30, 2019, the service will be shut down for good. Long before then, beginning April 18th of this year, only existing users will be able to shorten links via goo.gl. No new signups will be allowed. The company had this to say about the recent announcement: "The URL Shortener has been a great tool that we've been proud to have built. As we look towards … Read more
Remote Desktop Flaw Affects Every Windows Version
Researchers at Preempt Security recently discovered a critical flaw in Microsoft's Credential Security Support Provider protocol (CredSSP for short) that impacts every version of Windows in existence. It could allow a hacker to remotely exploit Windows Remote Desktop to execute malicious code and steal any data stored on the machine. The flaw, logged as CVE-2018-0886 would allow a hacker to execute a man in the middle attack, (provided that they had Wi-Fi or physical access to the machine) … Read more
RottenSys Malware Has Infected 5M Android Devices Since 2016
There's a new threat on the horizon, according to security researchers from Check Point. A group of hackers in China are busy building a massive botnet that so far, totals almost five million Android smartphones. The hackers are quietly taking control of these devices using a strain of malware known as "RottenSys." While the malware is flexible and can be adapted to any number of purposes, in its present incarnation, it's being used to display copious numbers of advertisements. This … Read more
Google Changing Name Of Android Wear Without Updates
Wearable computing devices from smart watches to glasses are struggling to find an audience, and Google's Android Wear operating system hasn't gotten much love in recent years. It has weakened as major players in the tech space have struggled to find a market for these products. On the face of it, these products would seem to be wildly popular, but still haven't quite captured the imaginations of a critical mass of the consuming public. Google's recent announcement that it was rebranding … Read more
