Security News
About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.
LastPass announced it will start encrypting URLs stored in user vaults for enhanced privacy and protection against data breaches and unauthorized access. With most of the hardware performance constraints of the past now having been lifted, LastPass can now start encrypting/decrypting those URL values on the fly without the user noticing any hiccups in browser performance while enjoying ultimate data security.
The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and those files will be associated with the project in the URL. What this means is that someone can upload malware and "Attach" it to a legitimate and trusted project. As the file's URL contains the name of the repository the comment was created in, and as almost every software company uses GitHub, this flaw can allow threat actors to develop extraordinarily crafty and trustworthy lures.
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. While most of the malware activity has been based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.
Brian Krebs reported that X started automatically changing twitter.com links to x.com links. The problem is: it changed any domain name that ended with "Twitter.com," and it only changed the link's appearance, not the underlying URL. So if you were a clever phisher and registered fedetwitter.com, people would see the link as fedex.com, but it would send people to fedetwitter.com.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Google has introduced an updated Safe Browsing feature for Chrome on desktop and iOS, offering real-time protection against malicious sites while preserving user privacy. This enhancement allows Chrome to compare site URLs against Google's server-side database of known threats in real time, potentially blocking 25% more phishing attempts. Previously, Chrome relied on a locally-stored database updated every 30 to 60 minutes.The shift to server-side checks, announced in September 2023, aims to address the rapid growth of harmful websites and the brief existence of phishing domains. The new system checks URLs against cached safe URLs and previous Safe Browsing results. For URLs not in the cache,
Notably, Criminal IP, a Cyber Threat Intelligence search engine developed by AI SPERA, has integrated its IP address and URL scans into VirusTotal. VirusTotal aggregates data from various antivirus engines, website scanners, file and URL analysis tools, and user contributions.
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to...
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.