Blog
Popular Android Keyboard App Collected Private Information, Has Been Breached
How many apps do you have on your smartphone? Do you know how much data they’re collecting about you? Most people have scores of apps installed (and often hundreds), even if they only use a few on a regular basis, and shockingly, most users have no idea just how much information those apps are collecting […]
Large Number Of HP Models May Have Keyloggers
HP is in the news again. If you missed the initial story, earlier in the year, it was reported that an audio driver that came pre-installed on a number of HP laptops contained keylogging code that stored every key stroke made by the person using the machine to a human-readable file. Once discovered, HP issued […]
New Facebook Messenger App For Kids Raises Privacy Questions
On the surface, the new Facebook For Kids messenger app looks like a solid win that should put the minds of parents all over the world at ease. The company conducted extensive interviews and assembled a Blue-Ribbon panel of experts to help them craft the new tool, aimed at children ages 6-12. The app itself […]
Files Containing Nearly 1.5 Billion Passwords Leaked On The Internet
Researchers from the security firm 4iQ have made a disturbing discovery on the dark web. A massive repository has been discovered that contains a staggering 1.4 billion usernames and passwords in plain text. The repository is well organized, with each letter of the alphabet having its own directory to facilitate rapid search, and 4iQ has […]
New “MailSploit” Allows Email Spoofing
Phishing attacks just got a whole lot easier. A German security researcher named Sabri Haddouche has recently discovered a set of email vulnerabilities that have been collectively dubbed “Mailsploit.” At the root, these vulnerabilities stem from the way most email systems interpret addresses encoded with a 1992 standard called RFC-1342. The standard is that all […]
Some Websites Can Force Your Computer To Mine Cryptocurrency
Researchers at Malwarebytes have discovered a new exploit that allows malicious website owners to use your PC to mine various forms of cryptocurrency, even if you exit the browser window the malicious site was displayed on. The exploit relies on a smart pop-under trick. Code on the website determines your monitor’s resolution and places a […]
Some Computer Manufacturers Are Disabling Intel Chip Firmware
Intel is catching some flak for releasing CPU technology that’s filled with security flaws. At issue is Intel’s Management Engine (ME), which is designed for Enterprise use and is of no real value on equipment designed for personal or home use. Although many popular PC and laptop manufacturers, including Acer, Panasonic, Lenovo, Fujitsu, HP and […]
Ransomware Attackers Are Increasing Their Attacks On Businesses
The ransomware ecosystem is maturing. Strains are divided into “families” and the number of new families that have been discovered in 2017 is half what it was in 2016. Even so, the total number of attacks targeting businesses have risen by 26 percent over last year’s totals, according to the latest statistics released by Kaspersky […]
Paypal-Owned Company Sees Breach Of 1.6 Million Customers
TIO Networks, a cloud-based, multi-channel bill payment platform purchased by Paypal for $233 million in 2017, was breached earlier this year, exposing PII (Personally Identifiable Information) for an estimated 1.6 million of the service’s users. TIO Networks primarily does payment processing and accounts receivables for cable, utility, wireless and telecom companies in North America. If […]
Former Employees Pose Serious Risk To Security
The Department of Health and Human Services’ Office for Civil Rights (OCR) has reminded those who deal with PHI and PII of the dangers that terminated employees can pose to system security in their monthly cybersecurity newsletter. Their advice is as timely as it is excellent, and includes the following: “Making sure that user accounts […]
A Visionary Approach to Your Security
The purpose of an IT partner isn’t just to fix something when it is broken, it is to keep your people working and your data secure. Astral moves beyond traditional managed services by addressing all the key areas of cybersecurity in today’s complex landscape.
