Link

70% of People use the Same Password for Multiple Websites

Andrew Orr ·

A report of a survey (n=1,041) reveals that 70% of respondents said they reuse the same password for multiple websites.

The numbers above from our recent survey of 1,041 adults age 18 or older in the US say it all. A full 70% of the respondents admitted they use the same password for more than one thing—sometimes (25%), most of the time (24%), or all of the time (21%). If you don’t know why that’s bad, read on: When someone gets your password for just one service, they have your password for everything. Since most online accounts assign your email address as a username, it doesn’t take Mr. Robot to crack that code.

One of our recurring tips for Security Friday is to use a password manager. This helps you easily create unique, secure passwords for anything.

Link

Here's Why iPhone 13 120Hz ProMotion Display Matters

Andrew Orr ·

Rebecca Isaacs has written a helpful explainer about the iPhone 13’s 120Hz display and why it matters for customers.

One of the major selling points of this technology is that it allows you to dynamically vary refresh rates based on what you’re doing. For instance, basic web browsing can be handled at an undemanding 10Hz to 60Hz, while gaming can take advantage of the full of 120Hz. The Apple Watch can even hit a low of 1Hz with the always-on screen.

Link

Crypto Miners Most Detected Malware Type in 2021

Andrew Orr ·

A report on Tuesday found that crypto-mining malware was the most detected malware type in the first half of 2021.

The most active cryptocurrency miner in the first half of 2021 was MalXMR, with 44,587 detections. MalXMR is a crypto-mining malware that exploited EternalBlue for propagation and abused Windows Management Instrumentation (WMI). During the infection, high CPU utilization can be noticed with powershell.exe or schtasks.exe.

Pluggin a service I use: NextDNS. There’s a toggle you can turn on to “Prevent the unauthorized use of your devices to mine cryptocurrency.”

Link

Alaska Health Service Attacked by Nation-State Cyber Attacker

Andrew Orr ·

The Department of Health and Social Service (DHSS) disclosed that it was the victim of a sophisticated cyberattack from a nation-state level actor.

Citing an investigation conducted together with security firm Mandiant, DHSS officials said the attackers gained access to the department’s internal network through a vulnerability in one of its websites and “spread from there.”

Officials said they believe to have expelled the attacker from their network; however, there is still an investigation taking place into what the attackers might have accessed.

Link

Jay Z Makes Huge Investment in Smart Home Tech

Jeff Butts ·

Rapper, songwriter, businessman Jay-Z has reportedly made a huge investment in smart home tech recently. Through Marcy Venture Partners, Jay-Z sent $110 million into Wyze Labs’ coffers. That brings the smart home device maker’s total funding to date to $146 million. The smart home tech company, founded in 2017 by Amazon veterans, has more than 300 employees. The work Wyze is doing with AI and camera technology will definitely. benefit from the extra cash.

“We are doubling down and investing heavily to build world-class artificial intelligence into our camera products,” Wyze co-founder and Chief Marketing Officer Dave Crosby told GeekWire in a recent piece. “Just in the last year, our AI team has built person detection, vehicle detection, package detection and pet detection into our cameras. “Right now we have AI features in the works that we truly think will be game-changing for any camera, let alone one that costs less than $36.”

Developer of ‘Apollo’ Reddit Client Announces App to Kill Google AMP Pages
Cool Stuff Found

Developer of 'Apollo' Reddit Client Announces App to Kill Google AMP Pages

Andrew Orr ·

Christian Selig, creator of the best Reddit client on iOS, has released two new apps. Achoo is an HTML viewer and inspector, and Amplosion redirects you away from Google’s contentious AMP web pages. Achoo HTML Viewer & Inspector: Achoo allows you to easily view the HTML for the webpage you’re viewing in Safari. It shows the HTML (as well as any inline CSS and JavaScript) with beautiful and fast syntax highlighting. You can share the HTML you’re viewing, allowing you to easily inspect it on an external device of your choosing, or send it to a friend, or simply copy it to your clipboard. Amplosion: Amplosion automagically redirects AMP pages/links to their normal counterparts within Safari using an easy and elegant Safari extension. It’s completely open source, so with this transparency you can verify everything about the extension. Both of these take advantage of the new Safari extension system on iOS 15 | iPadOS 15

Link

Grain Cooperative 'New Cooperative Inc' Hit with BlackMatter Ransomware Attack

Andrew Orr ·

Cyber gang BlackMatter has attacked Iowa-based grain cooperative New Cooperative Inc with ransomware, successfully shutting down its systems.

The attack occurred on or around Friday, according to Allan Liska, senior threat analyst at the cybersecurity firm Recorded Future Inc. The ransomware gang, which goes by the name BlackMatter, is demanding a $5.9 million ransom, Liska said.

New Cooperative confirmed that they had been attacked and said they had contacted law enforcement and were working with data security experts to investigate and remediate the situation.

Link

Here's How Much Your Car Knows About You

Andrew Orr ·

Jon Callas, the Electric Frontier Foundation’s director of technology projects, explained what data newer cars, especially Tesla, collect from you.

“All of these things are at least theoretically able to be logged,” cautioned Callas. “And there is a port that you can connect something to — and there’s lots of hardware and software that you can connect to your car and get all sorts of telemetry information about how the car is running — and just like there are people who hack their computers there are people who hack their cars.”