All posts

Protecting for the Linux embedded devices

Should we protect embedded Linux devices?

Can Linux-based embedded systems be considered secure by default or do they require additional protection?

Identity theft — a century ago

How did scammers pull off a MitM attack and 2FA bypass in… 1915?!

To Threads or Not to Threads? That is the privacy question

Discussing privacy in Threads, and whether you should sign up to Zuckerberg’s Twitter clone.

RowPress RAM attack

New attack method that bitflips memory cells.

Band-aid on a… corpse: Microsoft patches IE — again

July Microsoft Patch Tuesday: a collection of exploited vulnerabilities.

The MOVEit hack and its aftermath

What the MOVEit Transfer hack can teach non-users.

Voice deepfakes: technology, prospects, scams

Don’t believe your ears: voice deepfakes

Audio deepfakes that can mimic anyone’s voice are already being used for multi-million dollar scams. How are deepfakes made and can you protect yourself from falling victim?

Travel phishing and online scams in 2023

Going on vacation? Beware of scammers

Online dangers faced by travelers in summer 2023.

Dozens of malicious extensions for Google Chrome

Malicious extensions in the Chrome Web Store

A few dozen malicious extensions — with a combined 87 million downloads — discovered in Google’s Chrome Web Store.

Low-code and no-code app security

Low-code apps lower IT costs, but boost information security risks. How to mitigate them?

Malware in the free game Super Mario 3: Mario Forever

Mario Forever, malware too: a free game with a miner and Trojans inside

Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.

Social engineering tricks

Social engineering in the spotlight: from classic tricks to new trends.

Data exfiltration via observing light emitting diode (LED) activity.

LED data exfiltration

Researchers have come up with a way to exfiltrate confidential data by observing LED activity.

How to protect RAM secrets

What can get stolen from RAM, and what’s hiberfil.sys got to do with it?

TriangleDB, spyware implant of Operation Triangulation

TriangleDB: the spyware implant of Operation Triangulation

APT operators are showing increasing interest in mobile devices. Our experts have studied one of their tools.

Web skimmers: why are they particularly sneaky and dangerous?

What web skimmers are, why you should keep a look out for them when shopping online, and how to protect yourself.

The most spectacular crypto thefts and how to defend against them

Eight of the most daring crypto thefts in history

Crypto Olympics, or the full gamut of blockchain attacks: the biggest, most sophisticated, most audacious cryptocurrency heists of all time.

Vacation schedule scam

Cybercriminals prey on corporate credentials by sending fake HR emails.

Case study: smart pet feeder vulnerabilities

Hole in the bowl: smart pet feeder springs a leak

Smart feeders were invented to make life easier for pet owners; however, their vulnerabilities threaten not only owners’ privacy, but also the health of their pets.

Types of two-factor authentication: pros and cons

What two-factor authentication types are out there, and which ones should be preferred.

What's the best way to lock an Android smartphone?

What’s the best way to lock your smartphone?

Which screen-locking method best protects your Android smartphone: PIN code, password, pattern lock, fingerprint, or face recognition?

Privacy & Kids