Error message

  • Deprecated function: implode(): Passing glue string after array is deprecated. Swap the parameters in drupal_get_feeds() (line 394 of /home/cay45lq1/public_html/includes/common.inc).
  • Deprecated function: The each() function is deprecated. This message will be suppressed on further calls in menu_set_active_trail() (line 2405 of /home/cay45lq1/public_html/includes/menu.inc).

Technology

New forum topics

Dreame's Robot Vacuum Won't Be Climbing Stairs, but We Saw It Summit a Small Ledge at CES 2025

CNET News - Tue, 01/07/2025 - 16:03
The X50 Ultra robot vacuum from Dreame has two little legs it can deploy to clear some small obstacles.
Categories: Technology

Best Mesh Router Deals: Save Up to $225 on Top Brands Like Eero, TP-Link and More

CNET News - Tue, 01/07/2025 - 16:00
Mesh routers are the best solution for whole home connectivity, and you can score big savings right now with these deals.
Categories: Technology

'Abbott' and 'Sunny' Crossover Episode: Release Date, How to Watch

CNET News - Tue, 01/07/2025 - 15:50
Here's when to stream Abbott Elementary's highly anticipated season 4 installment, Volunteers.
Categories: Technology

I Really Don't Want an AI Pot to Turn My Plant Into a Tamagotchi From Hell

CNET News - Tue, 01/07/2025 - 15:44
My home has almost 100 houseplants, and this pot is nightmare fuel to me.
Categories: Technology

TP-Link Archer AX21 Review: An Excellent Wi-Fi Router for Most Homes

CNET News - Tue, 01/07/2025 - 15:41
It's rare to find a router with this combination of speed and range for under $100.
Categories: Technology

CES 2025: New Phones, Wearables and LED Concepts Arrive in Las Vegas

CNET News - Tue, 01/07/2025 - 15:33
Reveals from OnePlus, TCL and Samsung arrive during the show, alongside mobile concepts that might turn up in new devices down the line.
Categories: Technology

Beware, that Social Security email could be hiding dangerous malware

TechRadar News - Tue, 01/07/2025 - 15:29
  • Security researchers from Cofense spot multiple phishing emails impersonating the US Social Security Administration
  • The goal was to deploy the ConnectWise Remote Access Trojan
  • The email frequency increased in the days leading up to the 2024 US presidential elections

Cybercriminals are impersonating the US Social Security Administration in an attempt to install a Remote Access Trojan (RAT) malware on people’s devices, experts have warned.

Cybersecurity researchers at Cofense observed a phishing campaign, slowly picking up pace in the days and weeks leading up to the 2024 US presidential elections.

The goal of the campaign was to distribute the ConnectWise RAT - a tainted and malicious use of otherwise legitimate software called ConnectWise Control (formerly ScreenConnect).

ConnectWise RAT

In an in-depth analysis, Cofense said it observed multiple variants of the same phishing campaign, in which the crooks would spoof the Social Security Administration and claim to provide an updated benefits statement. Most of the time, the fake statement would come in the form of a mismatched link (a link that doesn’t lead where it says it will lead). Sometimes, the threat actors would try to hide the link behind a “View Statement” button.

The campaign most likely started in or around mid-September 2024, when it was first observed by Cofense. The second sample came in a month later, after which the frequency gradually increased until mid-November.

“While additional emails were seen in late November, this campaign reached peak volume on November 11th and 12th, a week after Election Day,” Cofense concluded.

ConnectWise Control is a legitimate remote desktop and support tool, but in this scenario, it is used to gain unauthorized access to victims' devices. Cybercriminals exploit the software's legitimate capabilities by deploying it stealthily, often bundling it with malware or phishing schemes. Once installed, the RAT allows threat actors to control systems remotely, steal sensitive data, deploy additional malware, and monitor the victim’s computer activity.

Legitimate software is often used for malicious purposes, since endpoint security and malware removal services often don’t recognize them as a threat.

You might also like
Categories: Technology

I Made Things Weird Trying TSA's New Shoe Scanner Machine video

CNET News - Tue, 01/07/2025 - 15:23
The TSA is working on new scanners that'll let you keep your shoes on when traveling through security checkpoints at airports. CNET's Bridget Carey gets an early look at how the technology works and tries to mess up her test.
Categories: Technology

The Time for An Xbox Handheld Is Now

CNET News - Tue, 01/07/2025 - 15:13
Commentary: Microsoft wants everything to be an Xbox. How about Windows gaming handhelds?
Categories: Technology

Anker Just Dropped Two New Innovative Portable Chargers and They're $10 off Right Now

CNET News - Tue, 01/07/2025 - 15:04
Anker released these items today so you can be among the first to get your hands on one -- and save $10 in the process.
Categories: Technology

Xgimi Satisfies Your Budget(ish) Roll-Up TV Dreams

CNET News - Tue, 01/07/2025 - 15:02
Xgimi rises into CES 2025 with a clever ascending screen with a built-in soundbar.
Categories: Technology

Today's NYT Connections Hints, Answers and Help for Jan. 8, #577

CNET News - Tue, 01/07/2025 - 15:00
Here are some hints — and the answers — for Connections No. 577 for Wednesday, Jan. 8.
Categories: Technology

Today's Wordle Hints, Answer and Help for Jan. 8, #1299

CNET News - Tue, 01/07/2025 - 15:00
Here are some hints and the answer for Wordle No. 1,299 for Wednesday, Jan. 8.
Categories: Technology

This $70 Discount Drops the 10th-Gen iPad Back Down to Its Pre-Christmas Price

CNET News - Tue, 01/07/2025 - 14:56
Amazon and Best Buy have this top-rated tablet on sale for just $279 -- the same price we saw during recent holiday sales.
Categories: Technology

Jeff Bezos' Blue Origin Sets Date for Historic New Glenn Rocket Launch

CNET News - Tue, 01/07/2025 - 14:56
Blue Origin hopes New Glenn, named for space legend John Glenn, will make it safely to orbit for the inaugural test flight of a rocket that could rival those in Elon Musk's SpaceX fleet.
Categories: Technology

The Health Monitoring Boom Only Gets Weirder From Here

WIRED Top Stories - Tue, 01/07/2025 - 14:47
Forget going to the doctor's office; these companies are putting the power of tracking every aspect of your health into our own hands. But do you really want to know?
Categories: Technology

This $7 Compact SD Card Reader Is a Must-Have for Photographers

CNET News - Tue, 01/07/2025 - 14:24
It can read both micro and full-size cards and boasts transfer speeds of up to 5Gbps. And right now, Amazon Prime members can pick it up for $9 off.
Categories: Technology

Best AirPods 4 Deals: Enjoy Some Excellent Freebies With These Amazing Earbuds

CNET News - Tue, 01/07/2025 - 14:20
The latest iteration of Apple's famous AirPods brings new features and a new design, and now you can get yours for less than you might expect.
Categories: Technology

US state sues T-Mobile over 2021 data breach which leaked data of millions

TechRadar News - Tue, 01/07/2025 - 14:16
  • A 2021 T-Mobile data leak exposed millions of customer's data
  • Washington State is now suing the telecoms giant
  • The suit alleges that T-Mobile failed to protect and notify customers

The US state of Washington is taking legal action against telecommunications giant T-Mobile over consumer protections failures following a 2021 data breach which exposed up to 79 million consumers worldwide, including the social security numbers of almost 184,000 customers in the state.

As part of Washington’s lawsuit, the state claims T-Mobile failed to ‘adequately secure sensitive personal information of more than 2 million Washingtonians’. This failure, the state claims, left those consumers vulnerable to fraud and identity theft.

The suit claims that the breach was ‘entirely avoidable’ and explains T-Mobile had years to fix key vulnerabilities in its cybersecurity systems, and failed to properly address them. A lack of security monitoring meant T-Mobile was unaware of the breach.

T-Mobile customers mislead

The suit alleges T-Mobile deliberately downplayed the severity of the breach to affected consumers, and omitted critical information, which in turn affected customer’s ability to ‘adequately assess their risk of identity theft or fraud’.

The firm sent out texts to affected customers, but failed to include legally required information. Customers who didn’t have their card details or social security numbers compromised were informed of such, but those who did, weren’t given any information about the exposure.

According to the suit, T-Mobile used ‘weak credentials’ and an ‘easily guessable username and password’, and the exposed data appeared for sale on the dark web almost immediately after it was stolen.

T-Mobile has recently agreed to pay an over $15 million penalty to the FCC as part of a settlement deal following a string of high-profile data breaches between 2021 and 2023. The company was also ordered to make significant changes to its cybersecurity infrastructure, and adopt more robust identity and access management frameworks.

You might also like
Categories: Technology

This Gadget Turns Your Phone Into a Gaming Console and It's Currently 60% Off

CNET News - Tue, 01/07/2025 - 14:14
For just $40, the Razer Kishi V2 can transform your phone into an incredible handheld gaming device.
Categories: Technology

Pages

Subscribe to The Vortex aggregator - Technology