Be Aware That ChromeLoader Malware Is Picking Up Steam

A browser hijacker called “ChromeLoader” has had a large uptick in detections this month, which is raising eyebrows among security professionals. ChromeLoader can modify a victim’s web browser settings to show search results that promote unwanted (and usually spammy) software, annoying pop-up ads, fake giveaways, adult games, dating sites, surveys, …

Upgrade This WordPress Plugin To Avoid Being Hacked

Do you own and manage a WordPress site either personally or as part of your business?  Do you also use the Tatsu plugin which offers a powerful suite of in-browser editing features and has been installed by more than 100,000 users worldwide? If so, be aware that there is a …

Update VMWare Apps Now For Critical Security Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory that serves as a stark warning. If you’re using VMware products that are impacted by recently disclosed critical security flaws, either patch them immediately or remove them from your network. CISA issued the dire warning because the last time …

Update Addresses Zero Day Exploit For Some Apple Devices

If you’re not familiar with the term, a Zero Day exploit is a security flaw that the software vendor is not aware of and hasn’t yet patched. In many (but not all) cases, Zero Day Vulnerabilities will also have publicly available proof-of-concept exploits before a patch becomes available.  Quite often, …

New Phishing Attack Delivers Three Types Of Malware To Victims

Phishing campaigns get more effective the more closely they can imitate a trusted source.  Recently, security researchers at Fortinet discovered evidence of a phishing campaign that specifically targets Microsoft Windows users and installs three different types of malware on the systems it manages to infect. Among other things, this campaign …

Microsoft Warns New Sysrv Botnet Variant Is Dangerous

Security researchers employed by Microsoft have recently spotted a variant of the Sysrv botnet.  They have dubbed the new variant Sysrv-K. This new variant works in two ways.  First, it exploits a flaw in the Spring Cloud Gateway that allows remote code execution (tracked as CVE-2022-22947). Second, the botnet scans …

You Might Need This HP Bios Security Update

HP recently released a BIOS update to address a pair of high-severity vulnerabilities that affect a wide range of PC and notebook products offered by the company.  In both cases, the vulnerabilities would allow an attacker to execute code arbitrarily and with Kernel level privileges. The two flaws are being …

Say Goodbye To The Apple iPod

It is the end of an era.  Apple recently announced that they were discontinuing the legendary iPod, which is now in its 7th generation of production. When first released more than fifteen years ago, the iPod was an instant smash hit that almost singlehandedly created the digital music industry, moving …

Windows 11 May Release New Feature For Copying Information

If you’re a member of the Windows Insiders group, then you are likely already aware of this. If not, here’s something else to look forward to when Windows 11 is formally released.  Microsoft has been experimenting with a new “Suggested Actions” feature when you copy data onto your clipboard. It …