5G didn't put malware on these Mazda’s entertainment systems but many Seattle Mazda drivers couldn't change their radio station after turning it to the local NPR station, KUOW. As one reddit user put it, "the whole audio system and Bluetooth just keeps trying to reboot." Some users also reported they couldn't use their backup cameras. This fiasco started around January 24th … [Read more...]
SpoolFool: Windows Print Spooler Fooled Again
Microsoft's monthly Patch Tuesday already occurred this month, so you know what that means - more disclosed vulnerabilities. This iteration of patches included fixes for a combined 70 vulnerabilities, including one zero-day. Thankfully, none of these fall into Microsoft’s “critical” category. However, there are four Elevation of Privilege vulnerabilities targeting the Windows … [Read more...]
New Oski Stealer Variant, “Mars Stealer”, Targets Credentials, Crypto, and 2FA
In early 2020, during the emergence of the COVID-19 pandemic, researchers discovered a novel malware named Oski Stealer, capable of stealing browser data such as cookies, history, payment information, and autofill information, as well as cryptocurrency wallets, login credentials of applications, and Authy 2FA information. It can also take screenshots of your desktop and perform … [Read more...]
Face Recognition and Privacy Concerns Works Its Way Into Taxes
The US IRS has plans to use a 3rd party identification system to prevent tax-related identity theft. The IRS plans to contract with ID.me to identify people using, among other factors, face recognition. James Hendler, professor of Computer, Web and Cognitive Sciences, wrote about some issues with the IRS’s plan. How will the data be processed? ID.me would need to store … [Read more...]
Log4j Becomes The Highest Detected Vulnerability Days After Release
Log4Shell attacks have spread throughout the Internet due to the ease with which attackers can perform them. The WatchGuard Threat Lab sees a sample of these attacks from our customers’ perspectives when they opt to provide anonymized threat intelligence data from their Fireboxes. This limited data, along with our analysis, gives us a unique opportunity to review some of the … [Read more...]