GitHub users beware: online criminals have launched a phishing campaign to try and gain access to your accounts.
Monthly Archives: April 2020
TikTok announces “Family Pairing” – bust your moves but cap the risk
Having someone older to watch out for you while you’re online can be reassuring. That seems to be the idea behind TikTok’s Family Pairing.
S2 Ep35: TikTok woes, sextortion scams and passwords vs. single sign-on – Naked Security Podcast
We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!
49 malicious Chrome extensions caught pickpocketing crypto wallets
They were posing as crypto wallets in order to rip off users’ private keys and mnemonic phrases and drain real wallets. Google’s yanked them.
Update now! Windows zero day flaws fixed in Patch Tuesday
…and there are fixes for Adobe, Oracle and Intel products too. Go get your updates!
Zoom passwords for sale on the Dark Web – “ten-a-penny” by all accounts
If you reuse an old password when you’re rushing to create a new account for the lockdown era, you’re as good as “pre-hacking” yourself.
Signal: We’ll be eaten alive by EARN IT Act’s anti-encryption wolves
The Big Bad Wolves haven’t blown the house down but did come up with a way to “hold the three little pigs responsible for being delicious,” Signal said.
WordPress WooCommerce sites targeted by card swiper attacks
Credit card swipers have found a hard-to-detect way to target WordPress websites using the WooCommerce plugin by secretly modifying legitimate JavaScript files.
TikTok users beware: Hackers could swap your videos with their own
TikTok doesn’t use HTTPS for its images and videos – so crooks could swap out the videos you see and you would never know.
ICANN asks registrars to crack down on scam coronavirus websites
It doesn’t have regulatory authority, so it can’t do much, but the hundreds of registrars it authorizes can and should.