Frost has reported a significant uptick in the number of malware campaigns orchestrated from YouTube.

Overwhelmingly these campaigns are pushing Trojans onto the PCs and smart devices of their victims.

Frost has identified what appear to be two clusters of malicious activity occurring simultaneously. One of these is pushing the RedLine trojan and the other is pushing Racoon Stealer.

Literally thousands of videos and channels have been made in the conduct of these two campaigns. Based on Frost's personal observation the campaigns are adding 100 new videos and 81 channels every twenty minutes.

He had the following to say about the identified campaigns:

The videos in question cover a wide range of topics. The hackers behind the campaigns tend to favor videos about software cracks, how to guides that outline how to get around software licenses, cryptocurrency, software piracy, game cheats and VPN software.

The videos are at least vaguely helpful and contain a link that the video's authors claim is to a tool that will help the viewer on his or her quest related to the topic of the video. Naturally the link is nothing of the sort and clicking on it will install malicious code on the viewer's device.

The problem has gotten serious enough that YouTube's owner Google made a formal statement about the matter.

Google's statement reads in part as follows:

"We are aware of this campaign and are currently taking action to block activity by this threat actor and flagging all links to Safe Browsing. As always, we are continuously improving our detection methods and investing in new tools and features that automatically identify and stop threats like this one. It is also important that users remain aware of these types of threats and take appropriate action to further protect themselves."

The moral of the story is simple: Be very careful about any links you click.

Used with permission from Article Aggregator

One of the more popular options is AllBlock which is a Chromium extension that is widely promoted on YouTube and Facebook. The extension touts its ability to prevent pop up ads and speed up a user's browsing experience.

Unfortunately researchers at Imperva have recently discovered that the extension is actually injecting hidden affiliate links onto any device running the extension. These links exist solely for the purpose of generating commissions for the developers of the ad blocker.

If you have AllBlock on your smart device or PC it is quietly injecting redirects to affiliate links on every browser tab you have open. Worse is that the extension was coded with some fairly advanced evasion techniques. One of the techniques includes the ability to clear the debugging console every 100ms and excluding the largest and most popular Russian search engines.

As of the writing of this piece the extension was still available on the Chrome Web Store. Based on the ongoing research the Imperva researchers believe that this script is just one of many currently in use by the group behind the malicious code.

An evaluation of IP and domain evidence points to this as being part of the Pbot campaign which has been active since at least 2018. What we may be looking at then is the tip of a very large iceberg.

Frustratingly the AllBlock extension has great reviews. It is very highly rated because it is legitimately good at what it does. Unfortunately it's advertised function isn't all that it does which is what makes this extension so problematic.

This underscores an important and distressing point. Sometimes even if you do your due diligence you can wind up installing something dangerous. Now is a good time to review all of the extensions you use and delete any you don't absolutely need.

Used with permission from Article Aggregator

Microsoft recently posted a help article on their website explaining that if you own a Brother printer and have upgraded to Windows 11 you may lose your ability to print if your printer is connected via a USB cable.

Brother reports that this is a pervasive issue impacting nearly one hundred different printer models (which is just about all of them). What's even worse is that even if you have a model that will print after upgrading to Windows 11 you may receive an error message prompting you to use the "USB Connection Repair Tool" or stating that you "Cannot Print to the USB Printer."

In these cases however Brother notes that simply clicking past the error messages will allow you to print successfully in most cases.

This is a complex issue that's still under investigation. Given that the issue only seems to be impacting Brother printers the fix will almost certainly come from Brother itself. The root cause of the problem is currently under investigation. At this point Brother has yet to announce a timetable for a fix.

While it is not yet known exactly what's causing the issue we do know at this point that USB connected Brother printers are shut out of a wide range of Windows 11 utilities.

These Utilities Include:

• Device Settings Tool
• Paper Size Setup Tool
• Distributed Print Tool
• Special ID Setting Tool
• Wireless Setup Wizard
• P-Touch Editor 5.4
• Date Software
• Transfer Manager
• Transfer Express
• Template Settings
• And the Printer Setting Tool

For the time being Brother recommends connecting your printer via some means other than USB until the company can get to the bottom of it. This will almost certainly not be the last wrinkle users encounter as Microsoft continues development of their new OS. Stay tuned.

Used with permission from Article Aggregator

As with most of the products that Apple makes AirPods are cool. They're also pricey and they've had more than their share of development issues.

Given the challenges surrounding the tech Apple announced a service program and pledged to cover any crackling/hissing issues users encountered through October of 2020. In light of the ongoing issues Apple has quietly extended this program for an additional year.

The company did this without any fanfare and no formal announcement. In fact as far as anyone can tell the policy change was first spotted by Reddit users.

If you hear crackling or static sounds on your AirPods, if those sounds increase in loud environments, or if your Active Noise Cancellation feature isn't working as advertised your gear is probably eligible for replacement.

There are three different avenues you can pursue:

1. Contact Apple Support
2. Find the Apple Authorized Service Provider closest to you
3. Make an appointment with a technician at an Apple Retail Store.

Whatever route you take the technician you ultimately work with will confirm the issue. Assuming you qualify for the program the affected units will be replaced free of charge.

Kudos to Apple for responding quickly to the issues surrounding AirPods Pro and for extending the repair program. We were less impressed with the fact that the program was extended without Apple making a prominent announcement about it.

Here's hoping that there are no further issues with the AirPod Pro. If it turns out that there are any problems let us hope that Apple will be more vocal about the programs designed to resolve those issues.

Used with permission from Article Aggregator

Although the flaw that makes this possible has only been classified "Moderate" the reality is that the implications could be crippling. Digital signatures are used as a means of verifying that the document in question is from a trusted source. As such the ability to spoof those signatures could easily open the floodgates allowing attackers to do untold harm to any business using either Libre- or OpenOffice.

The OpenOffice flaw is being tracked as CVE-2021-41832 and the LibreOffice flaw is being tracked as CVE-2021-25635. For those who don't know LibreOffice is a fork of OpenOffice. An offshoot that was created decades ago. That means that this flaw has roots that run deep.

It should be noted that neither of these applications are auto-updating. That means that unless you're very good about checking for new versions on a regular basis the version you're currently using is probably out of date. Given the risks that these security flaws represent you should upgrade to the latest version as soon as possible.

If you are unable to upgrade whatever the reason a viable temporary solution would be to disable macros. Also note that if you are running an older version you shouldn't rely on the "trusted list" functionality. This is because an invalid signature algorithm could still make a laced document appear as it comes from a trusted source.

Kudos to the developers for quickly addressing these security issues. Again if you use either suite be sure you upgrade to the latest version as soon as possible.

Used with permission from Article Aggregator

That appears to be changing. A recent trend tracked by researchers from Avanan has revealed that nearly half of all phishing emails analyzed in recent months were crafted to impersonate non-executives.

Additionally more than three quarters of them (77 percent) targeted employees on the same level.

This is something of a departure and it allows those who orchestrate phishing campaigns to target a significantly larger pool of potential victims. The reason behind the shift in focus is easy enough to understand.

The Avanan researchers summarize it as follows:

"Security admins might be spending a lot of time providing extra attention to the C-Suite and hackers have adjusted. At the same time, non-executives still hold sensitive information and have access to financial data. Hackers realized, there is no need to go all the way up the food chain."

Increasingly hackers and scammers are coming to rely on spoofed DocuSign emails to gain access.

If you're unfamiliar with it DocuSign is a legitimate platform used to digitally sign documents. In this case a scammer creates a dummy DocuSign document and emails a request to a low to mid-level employee to update direct deposit information or something similar.

By all outward appearances the DocuSign request looks completely legitimate but there is one important difference. An actual DocuSign email won't ask the recipient for login credentials. The spoofed ones do. Naturally this is done so that the hackers can harvest those credentials.

Given the crush and volume of daily business emails the difference is easy to overlook which explains why this approach has enjoyed an uncannily high degree of success.

Be sure your employees are aware of this latest threat and stay on their guard against it. One moment of carelessness could wind up being costly indeed.

Used with permission from Article Aggregator

If you've ever experienced that you will be glad to know that Google is rolling out a change that will do away with the frustrating "see more" button.

Instead you'll get a continuous scroll feature that will allow you to delve more deeply into the search results until you find exactly what you are looking for. It's a small change but we regard it as an excellent one.

If you live in the US you may already be seeing the new search behavior. If you don't see it yet you can expect to see it in the near future whether you're using an Android or an iOS device. Be aware however that due to the staggered nature of Google's roll-out the new functionality won't be available for every search you conduct.

Although this is a relatively small change it's a very good one that solves one point of frustration a great many users have when surfing the web on their smart devices. It also helps to bring Chrome's search functionality more in line with modern feed-style apps like TikTok and Instagram.

Google has a long history of going the extra mile when it comes to anything that improves user experience on the web. This is another step in that direction and it follows on the heels of the complete redesign of mobile search Google undertook at the start of 2021.

Kudos to Google for continuing to keep user experience at the forefront of so much of what they do. We think you'll like the change.

Used with permission from Article Aggregator

Many people initially assumed that the company had been hacked. However as the outage continued there were none of the telltale signs of an attack. The outage impacted all of Facebook's tools and not just the site itself which made an attack increasingly unlikely. Even Instagram wasn't working. Thus the whole of the internet was left guessing.

Facebook engineers of course were busy working behind the scenes tracking the issue down. It has now been corrected. Facebook is up and running again and the company has concluded their investigation into the matter.

Here's the official word from the company:

"Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication.

This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt. The underlying cause of this outage also impacted many of the internal tools and systems we use in our day-to-day operations, complicating our attempts to quickly diagnose and resolve the problem."

The outage couldn't have come at a worse time. Facebook is under increasing pressure from Congress to increase transparency. Naturally when the outage occurred conspiracy theories were rampant that the company was busily deleting files or otherwise destroying evidence.

Few of these were taken seriously of course but rumors tend to fly when no immediate explanation is forthcoming. This event was no exception.

In any case the issue is now resolved. So if Facebook plays an integral role in the conduct of your business you should be just fine at this point. Kudos to Facebook for the relatively rapid resolution.

Used with permission from Article Aggregator

If so be aware that the platform was recently hacked and the amount of information the attackers made off with is much more substantial than was originally estimated.

Some of the data has now been leaked by an anonymous user on 4Chan.

The share included a torrent link leading back to a data archive that's a staggering 125GB in size.

Along with the torrent link the anonymous poster left the following message:

"Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them, and in part one, are releasing the source code from almost 6,000 internal Git repositories."

Among other things the Twitch data contains:

• Creator payout reports from 2019 to the present day
• SOC Internal Red Teaming Tools
• A Steam competitor from Amazon Game Studios
• A listing of every other property that Twitch owns
• A number of proprietary SDKs and internal AWS services utilized by Twitch
• Twitch clients for desktop, mobile and video game consoles
• Twitch.tv including history dating back to the site's beginnings

One tidbit culled from the torrent file is the fact that the creators of the hit series "Critical Role" on Twitch was paid more than ten million dollars for their work. That's a healthy payday for a group of friends playing Dungeons and Dragons together. However unlike some of the other information in the massive archive that's not damaging.

Out of an abundance of caution Twitch has reset the stream keys for all users. If you stream content of any kind you should have already received an email about it and what steps you need to take next in order to properly secure your account.

Used with permission from Article Aggregator

In fact a few processors have seen performance drops of up to 15 percent which is significant enough to be genuinely annoying.

The good news is that the big brains at Microsoft are aware of the problem and are currently working on a fix.

There are tricky hardware requirements needed to run Windows 11. Microsoft has released an updated version of its "PC Health Check" app which will assist users in determining if or whether their hardware is compatible with the new OS.

Based on statistics collected by Microsoft the roll out of Windows 11 will be substantially slower than the Windows 10 roll out was. That is because at present only about half of registered business workstations are even capable of running the new OS.

It's also worth mentioning that as things stand now with the new OS machines with more than 8-core processors may experience performance issues. As with the problems with some AMD chips these issues are currently under investigation as well. Before Windows 11 is formally rolled out there's every reason to believe that those will be resolved.

Windows 10 has been a wildly successful operating system. However just about every longtime Windows user agrees that the menu systems are long overdue for a complete overhaul. That's one of the many issues that Windows 11 addresses.

Microsoft doesn't have a good track record when it comes to making truly innovative software. So don't expect anything groundbreaking from Windows 11. The company will no doubt make a number of excellent incremental improvements and that's not a bad thing at all.

Used with permission from Article Aggregator