Intel users beware! Hackers have now discovered a new method to hide malware inside the security Intel SGX enclaves. Usually, the Intel Software Guard eXtensions (SGX) is a technology that’s used by app developers as a security measure against unwanted data modification or disclosure.
Intel SGX also allows developers to execute application code through a secret enclave.
Expert researchers have created a new technique that enables them to introduce malicious code in a protected memory area, which makes it nearly impossible to detect.
Ideally, enclaves should be protected from higher privilege processes, including BIOS, kernel, SMM and even the operating system.
The team of experts that discovered this vulnerability is the same one that found Continue reading
According to reports, Facebook has just paid a $25,000 reward to a white hat hacker who found a critical cross-site request forgery (CSRF). If you’re wondering what warranted this payday, you need to know the implications of CSRF to realize that this was a big discovery.
According to Facebook, if the CSRF continued operating without detection it would have made user accounts vulnerable to hackings of the worst kind.
All an attacker needed to do was send requests loaded with CSRF tokens to random Facebook endpoints. That would have allowed them to access user accounts and do with them as they pleased. But, the attacker would have to trick their victim into clicking on a link first, which can be done through the facebook.com/comet/dialog_DONOTUSE/ loophole. This weak spot would also enable the attacker to easily bypass CSRF protections, giving them full Continue reading
One of the financial sector’s most enduring nemeses is back at it again. According to recent reports, the infamous TrickBot banking Trojan is making a major return and bankers should be aware. It now operates as a new type which has the ability to grab credentials remotely through a dedicated module.
The TrickBot’s updated data-grabbing mode is what enables it to harvest private credentials and data from a remote desktop. Hackers are using spam emails to spread this latest strain in what’s possibly the oldest scam in the digital data-grabbing book.
Users are warned to look out for one email in particular, which the scammers are using as a front to spread the virus. The email appears to come from Deloitte, a well-known financial services company, and at face value, it looks like a Continue reading
You can never be too careful when browsing the web nowadays, with data scams being so prevalent and all. We have to be extra vigilant and constantly careful with the way we share online data because you never know how or where the hackers are lurking.
One way to protect your information is to use different passwords for your various online accounts. It’s important to make sure that those passwords are strong and unpredictable as well, or else you might open yourself up to possible fraud.
How Google is Helping
Google is doing its part to keep user data protected online. The tech giant has developed a technology that will alert users whenever there’s a potential risk to data security.
To achieve this goal, Google recently announced the introduction of an extension that will activate a visual prompt whenever it sees you using a “weak or “unsafe” username and password. That way, it gives you the chance to change your password before scammers can use it to hack you.
This is known as the Password Checkup Chrome extension. Users can Continue reading
According to reports, a team of Nocturnus researchers at Cyber reason recently discovered an Astaroth Trojan campaign with the ability to abuse GAS Tecnologia and the Avast security software. The hackers use this weak point to plant malicious modules and steal user information.
The main aim of the campaign is to access user information and it does that by taking advantage of legitimate operating system processes. Once it breaches the machine’s security, the campaign is able to steal confidential credentials and clipboard usage as well as important keystate information.
The Cofense security firm was the first to identify the Continue reading
Technological advancements in the use of the Internet continue to make life easier and more convenient in just about every aspect today. The Internet allows you to access and share information faster than ever before. It’s hard to imagine life without Internet. However, to access the Internet via your phone, tablet, or Continue reading
A privilege escalation flaw has been discovered which could affect the online safety and privacy of LG laptop users. According to the online security expert who discovered the flaw, this loophole is relatively easy for hackers to take advantage of.
Security expert and researcher Jackson T. found the flaw while analyzing the LG Device Manager system and in doing so was able to track the flaw as CVE-2019-8372. At the time, Jackson was merely evaluating the LG Device Manager’s low-level hardware access Continue reading
Malware which is the short form of malicious software alludes to different sorts of applications that are intended to access a PC for malicious purposes, and regularly without the user of the PC knowing anything about it. Customarily, the objective of malware has been to create income, either by taking your own data for resale on the internet or by encrypting the information on a computer and asking for money from the victim for them to access their precious files. Malware can contaminate PCs as well as other kinds of gadgets in a few different ways. Contrary to the popular belief that Macs are safer than Continue reading
Facebook is one of the world’s most widely used websites, and it’s likely that the majority of people you know have a Facebook account. There are 2.38 billion active users on Facebook right now, and the number grows every time someone creates a new account.
This has also made it one of the most widely targeted websites out there, and it’s just as likely that you’ve had your account hacked at least once – and you might not have known a Continue reading
We live in a world that is increasingly becoming more and more dependent on technology. Windows operating system is the most sought after system in the world. This makes it more vulnerable to malicious hackers. Nowadays, all our personal information is stored on our computers. Malicious individuals become more cunning and device ways to get to our personal information. You must take measures to protect your data and your computer. Not taking these measures leaves you Continue reading