Security
Your privacy and rights online. Securing your systems, hacking news and more.
Researchers publicly warn that multiple HP firmware vulnerabilities remain unpatched after a year
In brief: Several HP enterprise devices are running firmware containing as many as six unpatched security holes that allow arbitrary code execution. Some of them are at least a year old, and researchers publicly disclosed all of them over a month ago. As of this writing, all remain unpatched.
Steam users warned of sophisticated browser-in-the-browser phishing attack
A lot more convincing than a phishing email
In brief: Steam users are being warned about a new attack tricking people into handing over their account credentials via a browser-in-the-browser phishing technique. Competitive and professional gamers are being targeted, as is anyone with a high-value account.
Former US ambassador warns about data tracking, says the US is making China's surveillance job easier
Big quote: The Federal Trade Commission asked for opinions about data economy and commercial surveillance, and former US ambassador Karen Kornbluh described the situation with grave and unambiguous words.
New zero-day vulnerability in BackupBuddy plugin leaves WordPress users at risk
The vulnerability could allow unauthenticated users to download sensitive information and files from affected servers
GameStop "wiretapped" customers without consent, claims lawsuit
It sold secret transcripts to a marketing firm to build profiles using personal information
Minecraft, FIFA, and Roblox have the most gaming-related cyberthreats
Far Cry players should watch out for cryptojackers
QNAP battles yet another DeadBolt ransomware campaign, issues patch for NAS devices
A new fix for a zero-day flaw already exploited in the wild
Instagram hit by record $400M fine in Europe for mishandling children's data
The Meta-owned social network will appeal the decision by Irish regulators
Peter Eckersley, tech activist and founder of Let's Encrypt, dies at 43
The Australian computer scientist fought for privacy, net neutrality and ethics for artificial intelligence
China accuses United States of hacking top space and aviation university
China says the NSA was behind a phishing campaign
Security researchers successfully hijack Windows 11's Power Automate tool
A tool that helps users could also help hackers
Newly identified browser bug allows websites to overwrite clipboard content
The text can be replaced with fraudulent URLs, addresses, or other malicious information
Chrome extensions with 1.4 million installs track users for affiliate payment scam
Check the list to see if you installed any
If you downloaded a Google Translate desktop app, it's probably cryptojacking malware
There is no desktop-native Google Translate
10 out of 15 major wireless carriers disclosed their practices for collecting and storing user geolocation data
FCC Chairwoman shares mobile carrier responses regarding data privacy
Samsung updates hundreds of millions of aging phones
The updates appear to contain GPS fixes
Hackers are using Genshin Impact's anti-cheat software in ransomware to kill antivirus processes
Bad actors are already actively exploiting vulnerability in 'mhyprot2.sys' driver
Best Privacy-First Cloud Storage Services
Most of us have been using cloud storage for years, with plenty of good services out there. But features and free storage comes secondary when you are looking for secure, privacy-first cloud storage.
LastPass says it was hacked, tells users not to worry
Passwords and vaults were not compromised
Apple's upcoming Lockdown Mode will make devices easier to fingerprint
Disabling specific features can identify devices using Lockdown Mode
Researchers find new ways to siphon sensitive data from "air-gapped" computers
It turns out network activity lights and smartphone gyroscopes are real security threats
Plex warns all users to change their passwords following a data breach
Emails, usernames and encrypted passwords were all compromised
Beware of this very convincing PayPal phishing scam
It lacks the usual tell-tale scam signs