Recently a critical flaw was found inside every Intel chip made during the last decade.  The flaw makes two different exploits possible.  These exploits have been dubbed "Meltdown" and "Spectre."

The flaws are incredibly severe, and make it possible for a hacker to gain complete, unfettered access to the targeted PC or laptop.

All companies collect data on their customers, but some are better than others when it comes to being upfront about what kinds of data are collected.  Over the past year, Microsoft has made many moves that have been well-received by their enormous user base.

Do you play Blizzard online computer games such as World of Warcraft, Diablo III, Hearthstone, Starcraft II, or Overwatch?  If so, there's a potential problem you need to be aware of.

Tavis Ormandy, a researcher on Google's Project Zero team, recently discovered that the Blizzard Update Agent is vulnerable to hacking, via a technique known as "DNS Rebinding.

By now, we've seen enough large-scale Point of Sale (POS) credit card thefts that patterns are beginning to emerge.  Some companies follow the general arc of the narrative better than others, and deserve credit for doing so, but in the end, the story is about the same.

It's official, the first macOS malware of 2018 is here.  Discovered by an independent security researcher and dubbed "OSX/MaMi," the code is functionally similar to DNSChanger malware.

The researcher posted his findings on the Malwarebytes forum and none other than Patrick Wardle (an ex-NSA hacker) analyzed it, having this to say:

"OSX/MaMi isn't particularly advanced - but does alter infected systems in rather nasty and persistent ways.

The ThreatMetrix Cybercrime Report 2017 is out, and is a troubling read for anyone who has anything to do with data security.  As a fraud prevention company protecting nearly a billion and a half users around the world, they're uniquely positioned to know, and their insights on the threat landscape is invaluable.

Intel's year isn't getting off to a very good start.   Just after the discovery of a pair of critical vulnerabilities that have been in their chipsets for more than a decade comes the discovery of yet another serious flaw that could impact millions of laptops around the world.

Normally, Google's robust series of checks and audits are pretty good at catching malicious code and preventing it from making its way to the Play Store.  Sometimes, however, something slips through anyway despite the company's best efforts. This latest one is particularly bad.

Do you use any of the following Chrome browser extensions?

Change HTTP Request Header
Nyoogle - (a custom logo for Google)
Stickies - (a Post-It note for Chrome)
Lite Bookmarks

If so, you're not alone.  These four extensions have a combined user base of more than half a million.

Does your company utilize either RackSwitch or BladeCenter networking switches?  Are those switches running ENOS (the Enterprise Network Operating System)?  If so, there's a backdoor in your network you weren't aware of.  Even worse, it's been there since 2004.

Engineers at Lenovo recently discovered the backdoor in the firmware when they conducted an internal security audit.