Brave browser’s Tor mode exposed users’ dark web activity

A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users’ DNS queries Brave, one of the top-rated browsers for privacy, has fixed a bug in its Private Windows with Tor feature that leaked the .onion URLs for websites visited by the browser’s users, according to a report by an anonymous researcher, the browser’s built-in Tor mode – which takes private browsing to a new level by allowing users to navigate to .onion websites on the dark web without having to install Tor – was leaking Domain Name System (DNS) requests for the websites. “If you’re using Brave you probably use it because you expect a certain level [...]

TDoS attacks could cost lives, warns FBI

Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals The United States’ Federal Bureau of Investigation (FBI) has issued a stark warning about consequences that telephony denial-of-service (TDoS) attacks on call centers could have on people’s lives. If launched against critical call centers, TDoS attacks could ultimately prevent callers from reaching emergency services such as first responders in time and so pose a legitimate threat to public safety. “The resulting increase in time for emergency services to respond may have dire consequences, including loss of life,” reads the FBI’s public service announcement. As the name suggests, the goal of TDoS attacks is to overwhelm a telephone system to [...]

Malware authors already taking aim at Apple M1 Macs

The first instance of malicious code native to Apple Silicon M1 Macs emerged a month after the release of devices equipped with the company’s in-house CPUs In November, Apple debuted a series of Mac computers sporting its new Apple Silicon M1 chips to great acclaim. The release of the new hardware also grabbed the attention of enterprising cybercriminals, who prepared a “little” debut of their own – malware that can run specifically on devices fitted with the new Apple chipsets. Apple’s new M1 processors use ARM-based architecture, a departure from the previous generation of Intel x86 processors that its computers previously came with. This has necessitated for applications developed for Macs to [...]

Attacks targeting IT firms stir concern, controversy

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool France’s national cybersecurity agency ANSSI has disclosed details about an intrusion campaign targeting IT services firms that run the Centreon IT resource monitoring tool. The attacks are thought to have stayed under the radar for up to three years and have hit mainly web hosting providers based in France. “On compromised systems, ANSSI discovered the presence of a backdoor in the form of a webshell dropped on several Centreon servers exposed to the internet. This backdoor was identified as being the P.A.S. webshell, version number 3.1.4. On [...]

Romance scams in 2020: Breaking hearts, wallets – and records

As dating apps experience a boom amid COVID-19, losses to romance scams soar too More and more people have been flocking to online dating platforms in search of romance and companionship in the wake of lockdowns and social distancing mandates, but the new reality is also creating conditions that contribute to record-high losses from romance scams, according to a report by the United States’ Federal Trade Commission (FTC). “In 2020, reported losses to romance scams reached a record $304 million, up about 50% from 2019. For an individual, that meant a median dollar loss of $2,500. From 2016 to 2020, reported total dollar losses increased more than fourfold, and the number of [...]

Beware of COVID‑19 vaccine scams and misinformation

The vaccination push provides a vital shot in the arm for the world’s battle against the pandemic, but it’s also a topic ripe for exploitation by fraudsters and purveyors of misinformation The rollouts of COVID-19 vaccines are steadily gaining speed, sparking hope that we may see the end of the pandemic and return to normal life sooner rather than later. This, however, has not escaped the notice of enterprising scammers who would like to cash in on the vaccine distribution effort by using fake offers and spewing out fraudulent emails. Let’s dive in and look at some of the campaigns where cybercriminals attempt to relieve unsuspecting netizens of their personal information and [...]