Category: Security Software news and updates

Hackers steal millions of Authy 2FA phone numbers

Malicious actors have managed to steal more than 33 million phone numbers used by users of the two-factor authentication service Authy. Authy is a popular security application to manage authentication codes for […] Thank you for being a Ghacks reader.…

How long does it take to crack a password in 2024?

Password cracking tools improve all the time. With AI entering the game, the time to brute force passwords has been reduced significantly already and continues to be reduced. Password guidelines and rules […] Thank you for being a Ghacks reader.…

First look at Malwarebytes 5.0

It took Malwarebytes nearly five years to release the next iteration of its Malwarebytes security program. Malwarebytes 5.0 is available now for all supported operating systems (Windows, Mac, iOS, and Android). Malwarebytes […] Thank you for being a Ghacks reader.…

Bitwarden: how to create and use Passkeys to sign in

Bitwarden users have a number of options already when it comes to signing-in to their vaults. They can use a master password and improve security by adding a two-factor authentication option to […] Thank you for being a Ghacks reader.…

Protect your Discord account with a Security Key

Users of the chat app Discord may now protect their accounts using security keys. The developers of Discord have added the option to the existing arsenal of multi-factor authentication options that the […] Thank you for being a Ghacks reader.…

MDP warns parents about this iOS feature

In a recent social media post, the Middletown Division of Police in Ohio has put an iPhone NameDrop warning for parents. Introduced in the iOS 17 update, this feature allows users to […] Thank you for being a Ghacks reader.…

Protect your eBay account with Authenticator apps

Users of eBay had several options up until now to improve account login security using 2-step verification. They could get texts or emails from eBay that contain the code, or get codes […] Thank you for being a Ghacks reader.…

CVE-2023-4966 vulnerability becomes a global problem

Threat researcher Kevin Beaumont has been tracking attacks against various companies, including the Industrial and Commercial Bank of China (ICBC), DP World, Allen & Overy, and Boeing, and found they had something […] Thank you for being a Ghacks reader.…

CVE-2023-4966 vulnerability becomes a global problem

Threat researcher Kevin Beaumont has been tracking attacks against various companies, including the Industrial and Commercial Bank of China (ICBC), DP World, Allen & Overy, and Boeing, and found they had something […] Thank you for being a Ghacks reader.…

Mullvad’s public encrypted DNS Servers run in RAM now

Sweden-based VPN provider Mullvad announced today that its public encrypted DNS servers run fully in RAM. The announcement comes less than two months after Mullvad completed the migration of its VPN infrastructure […] Thank you for being a Ghacks reader.…

Be careful if you use Apple’s Find My network

Apple’s “Find My” network is a powerful tool that can help users locate their lost or stolen devices. It works by using a combination of GPS and Bluetooth signals from other Apple […] Thank you for being a Ghacks reader.…

CVSS 4.0 standard has been released

The Common Vulnerability Scoring System (CVSS) is an open standard for assessing the severity of computer security vulnerabilities. CVSS scores are used by organizations and individuals around the world to prioritize vulnerability […] Thank you for being a Ghacks reader.…

And the phishing Oscar goes to…

Cybercriminals are constantly evolving their tactics to exploit the latest trends and technologies. One way they do this is by using the names of popular celebrities to create phishing scams and other […] Thank you for being a Ghacks reader.…

Watch out for StripedFly malware

Cybersecurity researchers have discovered a sophisticated cross-platform malware platform named StripedFly malware that has infected over 1 million Windows and Linux systems since 2017. The malware, which was wrongly classified as just […] Thank you for being a Ghacks reader.…

Tor Browser Security Audit reveals 2 high security issues

The Tor Browser project asked the penetration testers at Cure53 to audit core components of the project. Among the components were the BridgeDB software, building infrastructure, specific Tor Browser alterations and rdsys […] Thank you for being a Ghacks reader.…

Beware of the Flipper Zero Bluetooth spam attacks

As we previously covered, Flipper Zero is a portable, open-source multi-tool device for pentesters and geeks. It can be used to interact with a variety of electronic devices, including RFID tags, radio […] Thank you for being a Ghacks reader.…

The fallout from the Okta breach continues

On September 29, 2023, 1Password discovered suspicious activity on its Okta tenant. The investigation revealed that the threat actor used a HAR file stolen in the recent Okta breach to access the […] Thank you for being a Ghacks reader.…

AI responses may link to malware

AI tools are probably the biggest hype in tech in 2023. Companies have pushed out products or are about to. Bing Chat is one of the most prominent tools available, but there […] Thank you for being a Ghacks reader.…

Google to launch Android Earthquake Alerts in India

Earthquakes, one of the most frequent natural disasters globally, have the potential to cause widespread destruction and loss of life. In such dire circumstances, having advanced warning systems can be the difference […] Thank you for being a Ghacks reader.…

Google confirms CVE-2023-5129 is the hidden threat in Libwebp

Google’s recent confirmation of an exploited Chrome zero-day, CVE-2023-5129, has taken the cybersecurity world by storm. This exploit has a ripple effect that extends beyond Chrome, affecting numerous popular applications that rely […] Thank you for being a Ghacks reader.…

Bitwarden Free: WebAuthn new passwordless 2FA method

Free users of the open source password manager Bitwarden may use a new two-factor authentication (2FA) method in the latest version of the application. The developers of the password management service have […] Thank you for being a Ghacks reader.…

Update your browsers ASAP

In a recent report by Stack Diary, it has come to light that Google, Mozilla, Microsoft, and Brave have all taken immediate action by releasing critical security patches. These patches address a […] Thank you for being a Ghacks reader.…

Notepad++ 8.5.7 fixes 4 security issues

The developer of the open source plain text editor Notepad++ has released the security update Notepad++ 8.5.7 to the public. The latest update addresses four security issues in the client and introduces […] Thank you for being a Ghacks reader.…

Microsoft offers an explanation for the hack of its cloud

Bugs and coincidences seem to have allowed Chinese-based hacking group Storm-0558 to steal a private MSA key from Microsoft and gain access to the accounts of organizations, including American government agencies. The […] Thank you for being a Ghacks reader.…

An evolved LockBit variant emerges

Kaspersky, a cybersecurity company, found a new version of LockBit ransomware that’s different from the original. This one tells you upfront how much money you need to pay to get your files […] Thank you for being a Ghacks reader.…

WinRAR security issue more wide-reaching than thought

A recently disclosed security issue in the archiving software WinRAR is affecting other software programs as well. The developers of WinRAR released version 6.23 of the popular archiving software earlier this month. […] Thank you for being a Ghacks reader.…

Bitwarden launches Secrets Manager for teams

Bitwarden Secrets Manager is an open source end-to-end encrypted service that teams may use to “store, manage, automate, and share secrets at scale”. Aimed at development teams, who often need to share […] Thank you for being a Ghacks reader.…

LinkedIn hack: You need to check your LinkedIn account

If you want to understand the ongoing LinkedIn hack easily, picture this: profiles locked, passwords changed, and the unsettling realization that unseen hands have infiltrated your professional realm. The battleground is set, […] Thank you for being a Ghacks reader.…

Discord.io data breach: 760K users affected

Following the Discord.io data breach, the custom invite platform has paused its operations, revealing the personal data of 760,000 users. Discord.io, a third-party entity distinct from the official Discord brand, enables server […] Thank you for being a Ghacks reader.…

Microsoft Authenticator will soon provide codes via WhatsApp

Microsoft is working on two improvements for its Microsoft Authenticator application. The first tests the delivery of authentication codes via Meta’s WhatsApp application instead of SMS, the second attempts to limit Authenticator […] Thank you for being a Ghacks reader.…

PSNI data breach left officers vulnerable

A huge data breach, including the personal information of every officer in the Northern Ireland Police Service (PSNI), has left personnel concerned for their safety. The PSNI data breach revealed important information […] Thank you for being a Ghacks reader.…

Get Protected the Right Way with Avast Free Antivirus

Today’s internet safety is difficult to assess. Whereas the internet of yesteryear was a bit like the Far West, where only adventurous spirits wandered into the unknown, it’s a completely different picture […] Thank you for being a Ghacks reader.…

AI knows what you type by simply listening

Researchers have trained an AI deep learning model to detect computer keyboard keystrokes with up to 95% accuracy. While there is room for improvement, the core mechanic has an AI listen to […] Thank you for being a Ghacks reader.…

Roblox data leak may have affected nearly 4000 users

On July 19, 2023, a data breach at Roblox exposed sensitive user information from attendees of the 2017-2020 Roblox Developers Conferences. The leaked list contained 4,000 unique email addresses, alongside personal details […] Thank you for being a Ghacks reader.…

Latest macOS malware can steal your banking information

On macOS, a recently discovered security risk operates in the background to access logins, banking information, and other sensitive information. The new macOS malware is called “ShadowVault.” It is unclear whether ShadowVault […] Thank you for being a Ghacks reader.…

Malware found in over 100 signed Windows drivers

Yesterday’s security updates for Windows and other Microsoft products came with an advisory regarding the malicious use of Microsoft signed drivers. Security researchers at Sophos, Trend Micro and Cisco informed Microsoft about […] Thank you for being a Ghacks reader.…

RustBucket malware: A PDF could finish your Mac

Cybersecurity research conducted by the illustrious team at Elastic Security Labs has brought to light a virulent new strain of the RustBucket malware, a notorious enemy of macOS-powered devices. It appears the […] Thank you for being a Ghacks reader.…

KeePass password manager update improves security

Dominik Reichl, the lead developer of the KeePass password manager, has released KeePass 2.54 to the public. The new version of the application improves security in several meaningful ways, and it addresses […] Thank you for being a Ghacks reader.…

MOVEit file transfer vulnerability exploited by hackers

Security researchers have discovered that threat actors are using a serious zero-day flaw in the MOVEit file transfer product in a number of client scenarios. According to BleepingComputer, MoveIt Transfer from Progress Software […] Thank you for being a Ghacks reader.…

Critical vulnerability in Gigabyte Motherboards discovered

Millions of PC devices with Gigabyte motherboards are in danger. Researchers at Eclypsium have discovered backdoor-like tools in hundreds of Gigabyte motherboard models. The legitimate tools are used by Gigabyte for updating […] Thank you for being a Ghacks reader.…

Do you know which data breaches you have fallen victim to?

In today’s digital landscape, the security of personal information is an ever-present concern. The ubiquity of data breaches raises questions about the extent to which identities are exposed and vulnerable. While high-profile […] Thank you for being a Ghacks reader.…