Beware of Free File Converters
Published Mar 28 2025 2:47 PM
Converting a file from one format to another is something almost everyone has to do at some point. Do a search and many sites show up offering a conversion service. Some are free. But are they really free? This Insight looks at what you may get that you don’t expect and pay for the mistake for a long time.
Free file converters may come with a high price
How to delete your 23andMe data
Published Mar 28 2025 2:45 PM
23andMe was a DNA testing company used by many to find ancestors, family connections and possible genetic weaknesses. The company just declared bankruptcy meaning all your information is up for sale. The new owner may not be bound by the privacy policy of 23andMe. This article explains how to delete your data.
Delete your data to be safe
New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround
Published Mar 28 2025 2:42 PM
A new vulnerability has been discovered in VMware tools and CrushFTP. It is rated 7.8 out of 10 meaning it is serious. The vulnerability allows attackers to perform high privilege operations that the compromised account should not have permission to do.
Serious VMware Flaw
Critical 'IngressNightmare' Vulns Imperil Kubernetes Environments
Published Mar 28 2025 2:37 PM
Kubernetes is a popular opensource container manager for distributing software. A serious vulnerability allows attackers to execute code and take over the entire environment.
Serious Kubernetes vulnerability
'Lucid' Phishing-as-a-Service Exploits Faults in iMessage, Android RCS
Published Mar 28 2025 2:34 PM
Many people believe their messaging services are secure. But cybercriminals have found ways to compromise iMessage and Android RCS. Be careful what you send.
Apple and android messaging services compromised
What Is Your Auto-Malware Doing?
Published Mar 21 2025 1:35 PM
Anti-malware collects information about us to help keep us safe. But does it collect more information than is necessary for that role? And what does it do with it? This Insight looks at that and provides suggestions to be safer.
Anti-malware information collection
VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme
Published Mar 21 2025 1:32 PM
WordPress is one of cyberattackers favorite targets. Now we hear of another attack that is using 20,000 WordPress sites to redirect traffic to compromised sites.
WordPress Again
New 'Rules File Backdoor' Attack Lets Hackers Inject Malicious Code via AI Code Editors
Published Mar 21 2025 1:30 PM
Attackers have found a vulnerability in code editors that are AI powered. The vulnerability allows the attackers to insert code that performs malicious actions.
AI Code Editors Hacked
Mobile Jailbreaks Exponentially Increase Corporate Risk
Published Mar 21 2025 1:27 PM
Jailbreak means a user has removed or circumvented safety features of their phone. This is popular among people who want to do things that the phones attempt to prevent. New research shows the jailbroken devices are significantly more likely to be infected with malware.
Jailbroken phones have high risk
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
Published Mar 21 2025 1:24 PM
Cisco is a major player in the network space. Attackers have found a way to use the Smart Licensing utility to stage attacks. These vulnerabilities are serious 9.78 on CVSS. Cisco has issued patches. Be sure to apply them.
Serious Cisco Vulnerability
One Token To Rule Them All
Published Mar 14 2025 2:22 PM
A token provides access to a single system, application or site. This makes them desired by cybercriminals. Microsoft has issued their Primary Refresh Token that provides access to all the Microsoft services you have permission to use. One token and access to all. This makes them a big target of attackers.
PRT - convenient but dangerous
XCSSET macOS malware variant targets Xcode projects of app developers
Published Mar 14 2025 2:18 PM
A new attack has been found that targets macOS developers using Xcode. Another example of an attack that doesn’t go after single users but a supply chain style attack in that if will infect any user of the app.
Developers targeted
Volt Typhoon Strikes Massachusetts Power Utility
Published Mar 14 2025 2:16 PM
In disturbing news attackers were found in a Massachusetts power utility. As if that isn’t bad enough, they were there for over 300 days before being discovered.
Over 300 days to be discovered
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
Published Mar 14 2025 2:14 PM
Another scam using fake Captcha pages. Be sure before you click. This one deploys a rootkit. Very dangerous and difficult to remove.
Another fake Captcha scam
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Published Mar 14 2025 2:09 PM
A phishing campaign looks to take advantage of people through bogus emails that appear to come from Booking.com. If you have ever booked on the site it won’t be a surprise to get an email. But don’t click anything!
Travel bookings phishing