Is your phone listening to you?

Do social media listen in on our conversations in order to target us with ads? Or are we just a bit paranoid? A little test might speak a thousand words. We have all heard that our phones could be listening to our everyday conversations in order to then bombard us with targeted adverts. Is there any truth to the matter, though? Have you ever tested this theory and talked about an obscure product with friends and then waited patiently to see whether an advert for that vacuum sealer or scented colander you mentioned appeared in your social media feeds? If it never came up, you may simply have forgotten about your test. [...]

Up close and personal with Linux malware

What are the main security threats facing Linux? A Q&A with ESET Senior Malware Researcher Marc‑Etienne M.Léveillé, whose work has been instrumental in uncovering a number of malware strains hitting Linux servers. Chances are that the very word ‘Linux’ conjures up images of near-impenetrable security. However, Linux-based computer systems and applications running on them increasingly end up in the crosshairs of bad actors, and recent years have seen discoveries of a number of malicious campaigns that hit Linux systems, including botnets that were made up of thousands of Linux servers. These mounting threats have challenged the conventional thinking that Linux is more or less spared the problems that affect other operating systems, [...]

MGM Resorts data breach exposes details of 10.6 million guests

A number of celebrities, government officials and tech CEOs were also caught up in the incident The personal information of more than 10.6 million former guests of MGM Resorts hotels has been leaked on a hacking forum. The data dump contained a range of Personally Identifiable Information (PII), including full names, home addresses, phone numbers, emails, and birth dates, according to an exclusive ZDNet report. The list of victims includes celebrities, CEOs of tech companies, well-known reporters, and government officials. Justin Bieber and Twitter CEO Jack Dorsey are both known to be among the high-profile victims. An MGM spokesperson confirmed for the tech site that the leaked information comes from a data [...]

Linux and malware: Should you worry?

Malicious code is nothing to worry about on Linux, right? Hold your penguins. How Linux malware has gone from the sidelines to the headlines. Gone are the days when the idea of viruses or other malware hitting Linux was almost universally greeted with quizzical glances, if not outright rejection. Long thought of as the perfect marriage of open-source goodness and strong, Unix-like security, Linux-based operating systems are now increasingly seen as another valuable – and viable – target. This shift in thinking is partly the result of a growing realization among both Linux hobbyists and system administrators that a compromised Linux system such as a web server provides attackers an excellent ‘return [...]

What DNS encryption means for enterprise threat hunters

The dawn of the DNS over HTTPS era is putting business security and SOC teams to the challenge In one way, the proliferation of domain name service (DNS) attacks throughout the world has helped to raise awareness about a deep problem in the “plumbing” of the internet. The infrastructure behind the DNS suffers from a lack of built-in security that is putting internet users at risk. Decades of work on the Domain Name System Security Extensions (DNSSEC) specifications have been ongoing in a concerted effort to find a better way of securing the DNS while keeping it flexible enough for upscaling into enterprise, and even larger, networks. DNSSEC uptake, however, has been [...]

Sensitive plastic surgery photos exposed online

Other leaked records include videos, facial and body scans, as well as a range of patients’ personal data Hundreds of thousands of records belonging to plastic surgery patients have been discovered sitting on an unprotected server and accessible for anyone to view. The records were stored on an Amazon Web Services (AWS) S3 bucket database belonging to NextMotion, a plastic surgery technology company that provides imaging solutions to clinics around the world. Researchers at vpnMentor, who uncovered the leak, were able to access some 900,000 individual records. These ranged from before-and-after images and videos of cosmetic procedures to records of a highly sensitive nature, including graphic photos of the patients’ private body [...]