Security Page 8 | TechSpot

Nvidia releases a critical GPU driver update to fix multiple security vulnerabilities

Nvidia has released a critical GPU driver update to address eight security flaws that could allow attackers with local access to execute malicious code. The vulnerabilities affect consumer GeForce GPUs as well as Nvidia RTX, Quadro, NVS, and Tesla products. The latest driver updates resolve all of these issues, any updates version 553.62 or newer, or 539.19 and above are good to go, depending on the driver branch you are using.

By Ivan Franco, January 20, 2025, 12:20 PM

Security Tech Culture

A floppy disk in the mail launched the world's first ransomware attack 35 years ago

The perpetrator managed to avoid prison after exhibiting a series of bizarre behaviors

By Skye Jacobs, January 20, 2025, 6:59 AM

Security Microsoft

Microsoft finally patches serious UEFI Secure Boot flaw after seven-month delay

Vulnerability could have allowed hackers to run malware during the boot process

By Zo Ahmed, January 19, 2025, 10:52 AM 25 comments

Security Software

FBI triggers self-destruction of China-backed malware infecting US computers

Command-and-control servers can also be useful to law enforcement agencies

By Alfonso Maruccia, January 17, 2025, 6:58 AM

Security Industry

UK could ban ransomware payments by the public sector and critical infrastructure companies

Would a ban really deter hackers?

By Rob Thubron, January 15, 2025, 6:15 AM

Security Mobile

iPhone USB-C is hackable, but users don't need to worry yet

Code execution, electromagnetic fault injection, and firmware dumping are possible

By Daniel Sims, January 14, 2025, 9:34 PM

The Web Security

DOJ clears path to sell $6.3B in Bitcoin seized from Silk Road marketplace

A huge windfall

By Shawn Knight, January 13, 2025, 1:50 PM

Mobile Security

Mobile apps exploited to harvest location data on massive scale, hacked files reveal

"There's some company out there acting like a global honey badger, doing whatever it pleases with every piece of data that comes its way"

A hot potato: Thousands of popular mobile apps across Android and iOS are allegedly being exploited to harvest sensitive location data on an unprecedented scale. This data collection, occurring through the advertising ecosystem, is likely happening without the knowledge of users or even app developers themselves.

Full story By Skye Jacobs, January 12, 2025, 8:09 AM 7 comments

Security The Web

Chrome extensions are abusing Google's lousy security policies to come first in search results

Leveraging manipulative tactics to push extensions

By Alfonso Maruccia, January 9, 2025, 1:55 PM

Security Apple

Apple denies using Siri recordings to serve targeted ads

Rumors resurface following Apple's $95 million lawsuit settlement

In context: It's a phenomenon that has been around since the dawn of the modern tech age: seeing an advertisement for an item, usually on social media, that you'd recently been talking about. It's often blamed on companies recording conversations and sending them to advertisers. Now, Apple has refuted rumors that this is something it does using Siri.

Full story By Rob Thubron, January 9, 2025, 7:43 AM

The Web Security

Telegram's pivot to a law-abiding platform: fulfilled requests of user data have skyrocketed

Arrest of CEO Pavel Durov has clearly had an impact on Telegram's modus operandi

By Alfonso Maruccia, January 9, 2025, 6:16 AM

Software Microsoft

End of Windows 10 support this year threatens over 60% of active Windows PCs

More than 3 years after launch, Windows 11 remains a minority

By Daniel Sims, January 6, 2025, 5:29 PM 90 comments

Security Electronics

Bosch's new e-bike battery theft solution looks great, but it's locked behind a paywall

Is Bosch being greedy?

By Zo Ahmed, January 6, 2025, 8:17 AM

Security Google

Widespread cyberattack targets Google Chrome extensions, compromises 2.6 million devices

The incident highlights the often overlooked security risks associated with browser extensions

By Skye Jacobs, January 5, 2025, 1:39 PM 13 comments

The Web Security

Google searches for "free VPN" skyrocket in Florida after porn ban goes live

As expected, the ban seems easy to bypass

By Zo Ahmed, January 5, 2025, 10:45 AM 36 comments

The Web Software

Chrome Manifest V3 blamed for security risks as EditThisCookie extension becomes a victim

Google removed the EditThisCookie Chrome extension, but this malicious copycat remains

By Alfonso Maruccia, January 2, 2025, 4:09 PM

Security News Around the Web

US Army soldier accused of selling stolen AT&T and Verizon customer data

The sensitive data came from the Snowflake hack

By Rob Thubron, January 2, 2025, 9:59 AM

Security Microsoft

Old BitLocker vulnerability exploited to bypass encryption on updated Windows 11

Secure Boot? TPM? Full-disk encryption? All useless against resourceful hackers

By Alfonso Maruccia, January 2, 2025, 9:16 AM 20 comments

Security Car Tech

Volkswagen leak exposes private information of 800,000 EV owners, including location data

The dangers of connected cars

By Rob Thubron, December 31, 2024, 3:14 PM 16 comments

Security Software

Major cybersecurity breach hits US Treasury, linked to Chinese hackers

The hack highlights the growing threat of supply chain attacks

What just happened? The U.S. Treasury Department has fallen victim to a significant cybersecurity breach that it has attributed to Chinese state-sponsored hackers. The hack, described as a "major incident" by Treasury officials, involved the compromise of a third-party cybersecurity service provider, BeyondTrust, and resulted in the theft of unclassified documents.

Full story By Skye Jacobs, December 31, 2024, 12:37 PM

Tech Culture Security

Passports may soon become obsolete as facial recognition and smartphones take over

Concerns about privacy and security are already being raised

By Skye Jacobs, December 28, 2024, 12:31 PM 37 comments

Software Microsoft

Microsoft faces FTC scrutiny over alleged antitrust practices in federal cybersecurity deals

Using free trials to lock government and military into expensive subscriptions?

In brief: The US Federal Trade Commission has spent weeks investigating Microsoft's cybersecurity deals with the federal government. Although the case's fate under the incoming Trump administration remains uncertain, the Commission continues to pursue it, illuminating the tech giant's alleged strategy of locking government customers into its products to block competition.

Full story By Daniel Sims, December 28, 2024, 10:18 AM

Security The Web

Human error to blame in Ascension data breach that impacted 5.6 million patients

An "honest" mistake exposed a wealth of sensitive information

By Zo Ahmed, December 27, 2024, 12:34 PM 10 comments

The Web Security

Undersea cable disruption in Baltic Sea investigated for possible sabotage

The Finland-Estonia power cable's capacity was severely reduced

By Rob Thubron, December 26, 2024, 5:19 AM

Software Security

Asus holiday popup sparks malware scare among users

Christmas.exe isn't what you think it is

Facepalm: Oh dear, Asus. By trying to get into the holiday season, the company has managed to annoy a number of its customers by making them believe they'd been infected with malware. The end result of the alarmingly named Christmas.exe is a desktop banner that takes up a third of the screen – and it can even crash apps.

Full story By Rob Thubron, December 23, 2024, 11:13 AM 8 comments