Home / Dan Goodin

Dan Goodin

OpenWRT code-execution bug puts millions of devices at risk

Enlarge OpenWRT For nearly three years, OpenWRT—the open supply working system that powers dwelling routers and different kinds of embedded techniques—has been susceptible to distant code-execution assaults as a result of updates had been delivered over an unencrypted channel and digital signature verifications are straightforward to bypass, a researcher mentioned. …

Read More »

>4,000 Android apps silently access your installed software

Enlarge Mike MacKenzie / Flickr Greater than 4,000 Google Play apps silently gather a listing of all different put in apps in an information seize that permits builders and advertisers to construct detailed profiles of customers, a not too long ago revealed analysis paper discovered. The apps use an Android-provided …

Read More »

Google sent users 40,000 warnings of nation-state hack attacks in 2019

Enlarge Google Google’s menace evaluation group, which counters focused and government-backed hacking towards the corporate and its customers, despatched account holders virtually 40,000 warnings in 2019, with authorities officers, journalists, dissidents, and geopolitical rivals being essentially the most focused, crew members mentioned on Thursday. The variety of warnings declined virtually …

Read More »

New attack on home routers sends users to spoofed sites that push malware

Enlarge Wikipedia A lately found hack of house and small-office routers is redirecting customers to malicious websites that pose as COVID-19 informational assets in an try to put in malware that steals passwords and cryptocurrency credentials, researchers mentioned on Wednesday. A publish revealed by safety agency Bitdefender mentioned the compromises …

Read More »

Windows code-execution zeroday is under active exploit, Microsoft warns

Enlarge Home windows Attackers are actively exploiting a Home windows zero-day vulnerability that may execute malicious code on absolutely up to date methods, Microsoft warned on Monday. The font-parsing distant code-execution vulnerability is being utilized in “restricted focused assaults,” the software program maker stated in an advisory printed on Monday …

Read More »

Critical bugs in dozens of Zyxel and Lilin IoT models under active exploit

Enlarge Frank Lindecke / Flickr Criminals are exploiting vital flaws to corral Web-of-things gadgets from two totally different producers into botnets that wage distributed denial-of-service assaults, researchers mentioned this week. Each DVRs from Lilin and storage gadgets from Zyxel are affected, and customers ought to set up updates as quickly …

Read More »