- Security Center
- English ▾
A number of smartphone apps can monitor the device’s microphone to detect audio signals embedded in TV advertising. The US Federal Trade Commission has sent warning letters to a dozen app developers who have included such software in existing apps. Known as SilverPush, the software is capable of eavesdropping on television audio and identifying the content.
A large number of popular websites are serving users malicious advertising which attempts to infect them with ransomware. The websites themselves are not serving malicious advertising, referred to as malvertising, instead several high profile advertising networks affiliated with the sites are the source. The websites affected include MSN.com, NYTimes.com, BBC.com, AOL.com, NFL.com, and The WeatherNetwork.com among others. Combined these sites receive over 2 billion visits a month.
Users who misspell the address of a popular website are being targeted by adware. The particular typo identified in this adware campaign involves typing “.om” instead of “.com” at the end of the URL. Typically, such a typo would take users to an error page. However, the “.om” domain is available to register and malicious actors are taking advantage of such small mistakes.
Last Tuesday Microsoft released several security updates, including a patch for Internet Explorer which fixes critical security issues. Security Bulletin MS16-023 resolves a number of reported vulnerabilities in the popular internet browser. According to Microsoft, one of these vulnerabilities could allow an attacker to remotely execute malicious code on a victim’s computer.
Sometimes you make a spelling mistake in an important email and spend the rest of the day wishing you could take it back. Whether it’s an email to a potential hiring manager or potential date, it can be embarrassing, making you wish you could take the email back.
Ethical hacker Ananda Prakash has received a well-earned $15,000 from Facebook for exposing a dangerous password reset error. The simple vulnerability he discovered could have been used to hack into any user’s Facebook account. All you would need to know is the user’s email address or phone number. As Facebook is allowing more of its users to store credit and debit card information as part of their account, the repercussions of such a vulnerability could have been severe.