Articles for May 2018

Four of the largest cell giants in the US are selling your real-time location data to a company that you’ve probably never heard about before.

In case you missed it, a senator last week sent a letter demanding the Federal Communications Commission (FCC) investigate why Securus, a prison technology company, can track any phone “within seconds” by using data obtained from the country’s largest cell giants, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary, LocationSmart.

Source: US cell carriers are selling access to your real-time phone location data | ZDNet

WannaCry caused chaos across the world. But have its lessons been learned?

Source: WannaCry ransomware crisis, one year on: Are we ready for the next global cyber attack? | ZDNet

An outdated version of Drupal, a popular content management system, let

Source: Outdated website software lets hackers mine cryptocurrencies at your expense

Microsoft’s Patch Tuesday update addresses a critical flaw in the Windows VBScript engine that attackers are using to compromise Windows machines through Internet Explorer.

The patch follows an alarm by researchers at Qihoo 360 Core Security in April that well-resourced hackers were using a then suspected IE zero-day flaw to infect Windows PCs on a “global scale”.

Source: Windows critical flaw: This security bug is under attack right now, says Microsoft | ZDNet

Dashlane examined password and account security on 55 of the world’s most popular travel-related sites, and found that 89% of sites leave their users’ accounts perilously exposed to hackers due to unsafe password practices.

Source: Most top travel websites fail to protect user security – Help Net Security

Attackers know that companies are sending a lot of emails to customers about GDPR – and that makes them prime opportunity for phishing attacks.

Source: Phishing alert: GDPR-themed scam wants you to hand over passwords, credit card details | ZDNet

IoT devices lack the power of PCs, but some dark web users are still keen to see if compromising connected devices for financial gain is plausible.

With malicious cryptocurrency mining an increasingly popular means for cybercriminals to make money there has been a surge cryptojacking malware up for sale on the dark web.

But while many crooks will target servers and PCs to secretly mine for cryptocurrencies, an increasing number of cryptojackers are looking towards Internet of Things (IoT) devices as their means of making money.

Source: IoT security: Is cryptocurrency-mining malware your next big headache? | ZDNet