A team of six researchers from Germany has discovered a critical flaw in the way that popular PDF viewers display data. This makes it possible for an attacker to exfiltrate data from encrypted PDF files.
The researchers tested twenty-seven different desktop and web-based PDF viewer apps.
Google heavily regulates gambling and gaming apps on its Play Store. It's not hard to understand why. The industry has a long history of gouging and otherwise abusing the people who play their games. In response to the company's heavy-handed regulation of their industry, some app developers have taken to disguise the nature of their unauthorized gambling apps.
Malvertising Attacks: what you should know
Hackers and scammers have a new tool in their toolbox, and they're making rapid use of it. Recently, researchers from Confiant have discovered a new malvertising attack involving a Chrome for iOS exploit. They discovered an unknown group of attackers getting around the browser's built-in pop-up blocker to deliver fake ads.
DoorDash confirmed that an unauthorized third party accessed nearly five million of its users' data. According to information released by the company, the breach occurred on May 4th, 2019.
The unknown parties accessed information on the company's drivers, merchants, and customers who joined DoorDash on or before April 5th, 2018.
The data taken by the unknown attackers includes: names, email addresses, delivery addresses, order history, phone numbers, and hashed passwords.
Security researchers at Sophos Labs alerted Google to the abuse of more than two dozen apps on the Play Store. Google's policies allow them to charge hefty fees to unsuspecting users. Here's how it works: Many apps offer a free and subscription-based service, and many of those allow users to try the full version of the app for a free trial period.
One of the most common means by which malware winds up on the computers of its victims is via attachment extensions such as email. In fact, 92% of malware is delivered by email. All it takes is one careless moment. One-click to open a file that turns out to be poisoned and you're in for a world of trouble.
Most people don't spend a lot of time thinking about standards or the organizations that maintain and push them forward. Standards just aren't very interesting, which is why they don't get a lot of press time. That's exactly why when the Wi-Fi Alliance announced that they're soon to be launching their new Wi-Fi 6 Certification Program, it didn't make the headlines and most people didn't notice.
If you haven't yet downloaded and installed the latest Windows 10 update (version 1903), read this article carefully.
Microsoft is reporting that their latest build is causing Wi-Fi connectivity issues with some network adapters. Specifically, the Centrino 6205/6235 and Broadcom's 802.11ac.
If you use Google's Chrome browser for web connectivity, you're about to get a new feature you'll probably fall in love with. Chrome 77 is now available for Windows, Mac, iOS, and Android.
Google's primary mission has been to increase the quality of the user experience and the company keeps finding new ways.
Meanwhile, the SOHOpelessly Broken 2.0 study has been released by Independent Security Evaluators. The picture it paints of routers and the so-called 'smart' devices that make up the rapidly expanding Internet of Things (IoT) is not pretty.
Accordingly, the researchers sum up their findings as follows:
"Today, we show that security controls put in place by device manufacturers are insufficient against attacks carried out by remote adversaries.
