• BURN MEDIA
    • Motorburn
      Because cars are gadgets
    • Gearburn
      Incisive reviews for the gadget obsessed
    • Ventureburn
      Startup news for emerging markets
    • Jobsburn
      Digital industry jobs for the anti 9 to 5!

Security

  • CCleaner came bundled with malware for a month and nobody noticed

    CCleaner -- a program usually used to clean Windows, Android and MacOS of errant software and data -- has itself been infected by a trojan. A new report by Talos suggests that for nearly a month the program's installer didn't just install Piriform's file cleaner, but rather additional malware. "For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner," the Talos team explains in a blog post. This malware was reportedly bundled with the program's install files located within Piriform's legitimate...

  • 143m Americans’ credit, personal data compromised due to Equifax breach

    Equifax, one of the US's largest consumer credit reporting agencies, today announced a breach of its digital security measures that could affect as many as 143-million Americans. That's close to half the country's population. The hack was first discovered by the company on 29 July, but took place between mid-May and July. "Criminals exploited a U.S. website application vulnerability to gain access to certain files," the company explains in a notice. "Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases." The...

  • How to protect your child’s identity in an online world

    There are indications that identity theft syndicates are now targeting children. Common-sense practices, backed up by proper education, will save endless trouble down the line. In the online world, identity theft has become big business. People are remarkably careless about divulging personal information online, or storing it on unencrypted mobile or other digital devices. Criminals can use this information to open bank and store accounts and access state and other benefits unlawfully. Personal information like full names, birth date and parents’ names can be used to create an alias that stands up to most scrutiny. Worryingly, there are signs that identity thieves...

  • 4 tips for keeping your identity safe on the internet

    Over the course of the past decade, the brick-and-mortar institutions of yesteryear have rapidly been replaced by online counterparts, with South Africans now turning to the Internet to perform banking transactions, book flights and even shop for groceries. While this rapid surge in connectivity has undoubtedly made the world a more convenient place, it’s also made many South Africans vulnerable to the threat of online fraud and identity theft. According to recently released statistics from the South African Fraud Prevention Services (SAFPS), identity theft has increased by over 200% in the past six years, with an estimated 8.8-million South Africans affected...

  • PhishNet sends mock-phishing emails to employees for the greater good

    Telecommunications company Internet Solutions (IS) has debuted a new service that allows security teams in companies to launch authentic phishing attacks on their colleagues, scaring them stiff and teaching them valuable lessons about cyber security. Dubbed PhishNet, the service aims to educate staffers about the nature, mechanics and calling cards of a phishing attack while providing the companies with data on their security practices and infrastructure. PhishNet's debut comes at a time when cyber security is paramount in media and mainstream conversation, following the recent WannaCry and Petya ransomware attacks. WannaCry in particular -- which infected more than 250 000 computers...

  • Amazon, WhatsApp score poorly in EFF’s annual privacy report

    When you sign up for the world's biggest services/apps, you're giving loads of information to these firms. But who can be trusted with your data? The Electronic Frontier Foundation (EFF) has released its annual "Who Has Your Back" report to answer this very question. The report grades some of the biggest companies in five categories, namely whether they follow best practices, tell users about government data requests, have a pro-user public policy, stand up to gag orders and promise not to sell out users. The worst offenders? US networks AT&T, Comcast, T-Mobile and Verizon all scored one star out of five -- a...

  • SA’s Dept of Education website hacked with ‘I love Islamic State’ message

    If you're trying to access South Africa's Department of Basic Education's website at present, you can't. It's down. And there's a very good reason why. The Department took to Twitter to announce that its site has been "hacked". Our website has been hacked👇🏿 pic.twitter.com/ROK4cQChLd — Dep. Basic Education (@DBE_SA) June 28, 2017 "A short while ago we discovered that the Department's website has been hacked," begins an attached press release, published around 9pm Wednesday. Things then get gruesome. "The people who breached the website have since posted gory pictures of decapitated corpses, some of whom are children." The presser didn't go into specifics, but it did...

  • Petya or NotPetya, this is the world’s latest ransomware attack

    Ransomware is yet again sweeping across the world's computers today, and no, it's not WannaCry. It goes by a few names, but it's being commonly referred to as Petya or NotPetya by security experts. While the former was first discovered in 2016, the latter name refers to a newer strain of the ransomware. Yesterday, Petya or a derivative, reappeared in Ukraine and has since spread to countries as far east as Australia, and as far West as the US. While details about the nature of the attack and the attackers' intentions are unclear at present, we do know a few key factors...

  • WannaCry ransomware now affecting Australia’s traffic cameras

    Remember WannaCry? The fearsome ransomware package that infected over 250 000 computers in 150 countries earlier this year? Well, it's back, but not in the way you might've been expecting. According to a report by The Guardian, around 55 traffic cameras in the Australian state of Victoria have been affected by the virus. While the cameras have been operating normally, notes the Victorian department of justice, those found to have been handed incorrect fines, they will be scratched from the system. How nice. In May 2017, WannaCry ripped through the world's unpatched Windows machines, locking users out of their devices and forcing them to...

  • ‘Judy’ malware found on Google Play Store puts 36.5m users at risk

    Just when you thought that WannaCry would be the last of the big malware attacks to plague 2017, a new breed of nasty has appeared on the Google Play Store. And its name is Judy. According to a report published by security company CheckPoint, Judy "is an auto-clicking adware which was found on 41 apps developed by a Korean company". The malware gets its name from the usual (and rather adorable) protagonist of the games fronting the malware. In one particular case, users can "create delicious food with Judy". Sounds yum. Cleverly bypassing Google Play's security measures by masquerading behind a legitimate app,...

  • Zomato hacked, 17m users’ personal data leaked to the dark web

    If you frequent the India-based restaurant and food review app Zomato, you should probably change your password immediately. That's the message conveyed in a blog post by the company on Thursday, after it announced that more than 10% of the company's user records were stolen by a hacker. "The reason you're reading this blog post is because of a recent discovery by our security team - about 17 million user records from our database were stolen. The stolen information has user email addresses and hashed passwords," it noted, adding over 120-million people visit Zomato monthly. For those who had their user information stolen,...

  • Edward Snowden reminds us all that he was right after WannaCry fallout

    It's hard being right all the time, especially if you're Edward Snowden. The infamous whistleblower who curently calls Russia home spoke on Monday via video link at a Washington DC security conference. And he just couldn't help reminding everyone that the NSA sucks. "They knew about this flaw in U.S. software, U.S. infrastructure, hospitals around the world, these auto plants and so on and so forth, but they did not report it to Microsoft until after the NSA learned that that flaw had been stolen by some outside group," the former CIA contractor noted, according to a Newsweek transcript. WannaCry infected over 300...

  • Could WannaCry ransomware be linked to North Korea?

    WannaCry, the ransomware package that wreaked havoc across the world's Windows machinery this past weekend, might have links to North Korea, security experts revealed. The ransomware swept across the world last Friday, infecting over a quarter-million Windows machines across 150 countries. It remains a threat, but infection rates have somewhat slowed. According to a report published by Reuters, South Korean security researchers found coding similarities in WannaCry's earlier versions, and a different malware used by the Lazarus Group -- a hacking collective with ties to North Korea. These findings have also been noted by Google security researcher Neel Mehta, Symantec and Kaspersky. Shared...

  • WannaCry ransomware infects a quarter million computers in 150 countries

    WannaCry wins 2017's prize for most ominously named ransomware, and it has seemingly lived up to its name. A worldwide attack involving the ransomware swept through personal computers, companies and government institutions beginning on Friday 12 May. By Sunday, over 230 000 computers in more than 150 countries, including South Africa, were infected. Straight out of an episode of Mr. Robot, WannaCry (Wcry, WannaCrypt, WanaCrypt0r 2.0, or Wanna Decryptor) is a malicious software package that infects computers running Microsoft Windows. It's spread using an exploit developed by the NSA called EternalBlue which was leaked by a hacker collective in April. While Microsoft...

  • 3 hilarious (but scary) printer security stories from the internet [Native]

    Printers might seem like innocuous little office gadgets that do one job and one job alone, but they've become more vulnerable thanks to the internet. While human beings' reliance on the web expands, so does the ability for baddies to crack their security protocols. With that in mind, here are three previous moments in history that printers were the victims of rather comical, if not potentially catastrophic, security stories. -> YOUR PRINTER HAS BEEN PWNED <- In February 2017, a hacker using the alias Stackoverflowin took control of over 150 000 printers across the globe to probe a point. And to distribute memes. Although...