Cybersecurity

Samsung Galaxy and Google Pixel Phones Have a Security Vulnerability

Samsung has been making chips for a long time, and while they’re not better performance-wise than Qualcomm ones, they’re mostly okay. Security flaws have, however, just been found in Samsung-made chips, and severe ones at tha…

Arol Wright 4d ago

How Is SSH Different From Telnet?

SSH and TELNET both let you connect to remote, networked computers and to use them as if you’re sitting in front of them. So what’s the difference between these two venerable protocols, and is there really always an advantage…

Dave McKay Mar 13th

Uber Has Suffered a Data Breach, Once Again

The latest Uber data breach is still fresh in our minds. After all, it has just been three months since it happened. Now the company has confirmed yet another security incident, though this one isn’t quite as serious — at le…

Arol Wright Dec 12th, 2022

How BIMI Will Make It Easier to Trust Email Messages

The vast majority of online scams are conducted via email as the medium is readily accessible and easy to abuse. A new form of message authentication known as BIMI should help you understand which messages are genuine and whi…

Tim Brookes Nov 9th, 2022

Firefox Relay Can Give You a Burner Phone Number for Spam

Your phone number can be as sensitive as your email, or even more so. Putting it on the internet, or sharing it with a third party in general, puts you at risk of robocalls, text messages, or even unwanted charges. Because of…

Arol Wright Oct 13th, 2022

Uber Just Had a Security Breach (Update: Uber Responds)

It seems like these days, no one is safe from breaches and attacks. The latest service that appears to have fallen victim to a security breach is Uber, as the company reported a “cybersecurity incident” to its users….

Arol Wright Sep 16th, 2022

Samsung Just Had a Data Breach

Many popular services have reported data security breaches over the past two weeks, including LastPass, Plex, and DoorDash. You can now add Samsung to the list, as the company just confirmed some customer data was stolen….

Corbin Davenport Sep 2nd, 2022

LastPass Just Had a Security Breach

Using a password manager is a good way to keep your personal accounts and information safe on the vast, wild Internet. But password managers are not bulletproof either. Case in point: LastPass, one of the most used password m…

Arol Wright Aug 25th, 2022

PayPal Invoice Scams Aren’t Going Away: Here’s How to Avoid Them

Scammers are always looking for new ways to steal your personal details or money, and over the past few months, an exploit in PayPal’s invoice system is being used to create convincing phishing messages….

Corbin Davenport Aug 1st, 2022

BadUSB: The Cyber Threat That Gets You To Plug It In

A recent spate of USB-based cyberattacks has hit organizations in the US. Malicious USB devices are posted to selected victims. As soon as they are plugged in, the damage is done.

Dave McKay Feb 16th, 2022

How to Find Vulnerabilities In Containers and Files With Grype

Grype is an open-source vulnerability scanner that finds weaknesses within container images and filesystem directories. Grype is developed by Anchore but works as a standalone binary that’s easier to get to grips with than th…

James Walker Dec 29th, 2021

How to Detect and Defeat Cryptominers in Your Network

Mining for cryptocurrency isn’t illegal. But using a computer or network to do so without permission is. Here’s how to tell if someone is cryptojacking your resources for their own benefit.

Dave McKay Dec 28th, 2021

How to Check If Your Server Is Vulnerable to the log4j Java Exploit (Log4Shell)

A critical exploit in widespread Java library has been found, disrupting much of the internet as server admins scramble to fix it. The vulnerable component, log4j, is used everywhere as an included library, so you will need t…

Anthony Heddings Dec 17th, 2021

Critical RCE Zero-Day Exploit Found in Popular Java Logging Library log4j, Affects Much Of The Internet

A critical remote code execution vulnerability has been found in log4j, a very popular logging tool used by most of the industry. It’s extremely severe, affecting nearly every server running Java, and is very simple to exploi…

Anthony Heddings Dec 10th, 2021

How the SAML Standard Provides Single Sign-On Services

Single Sign-On and zero trust networks depend on securely passing identification details back and forth between users, identity providers, and service providers. SAML is the glue that lets that happen….

Dave McKay Nov 24th, 2021

How to Security Scan Docker Images With Anchore

Anchore Engine is an open-source scanning tool that assesses the security of your Docker images. An Anchore report gives you insights into outdated package versions and lurking vulnerabilities in dependencies….

James Walker Nov 10th, 2021

How Docker Image Signing Will Evolve With Notary v2

Signed Docker images enhance ecosystem trust and security by letting users check the images they download really originate from you. Despite the clear benefits of signing, uptake among Docker users has been slow and it’s not …

James Walker Nov 9th, 2021

How to Harden Docker Images For Maximum Security

There are many factors that contribute towards your Docker security posture but using hardened images is one of the best steps you can take to protect yourself. Not all images have the same security characteristics and a poor…

James Walker Nov 2nd, 2021

What Is RansomCloud, And How Do You Protect Yourself?

RansomCloud is ransomware designed to infiltrate and encrypt cloud storage. Responsibility for the security of your data isn’t as straightforward as you might think. We tell you what you need to know.

Dave McKay Oct 18th, 2021

Why the Google-Backed Secure Open Source Program is So Important

Supply chain attacks are skyrocketing, and open-source projects are the most common point of infiltration. The Linux Foundation, sponsored by Google, helps open-source projects protect themselves—and everyone else….

Dave McKay Oct 12th, 2021

What Does It Mean to “Shift Security Left?”

“Shift left security” refers to a software development model which fully considers security from the outset. Until quite recently, security tended to come at the very end of the process in the form of a go-live audit. This im…

James Walker Aug 3rd, 2021

How Deepfakes Are Powering a New Type of Cyber Crime

Making deepfakes is getting easier, and they’re more convincing than ever. Cybercriminals are using video and audio deepfakes to extort money from victims by adding a credible “fake authenticity” to their scams….

Dave McKay Jul 23rd, 2021

Why Compliance Complacency is Another Form of Technical Debt

Technical debt comes in three forms. Legacy equipment that can’t meet today’s needs, software projects where corners have been cut, and poorly implemented or completely ignored governance frameworks. The common thread? Risk….

Dave McKay Jul 23rd, 2021

Penetration Testing Has More Benefits Than You Think

Penetration testing measures the effectiveness of your cybersecurity defensive measures. And remember, their effectiveness changes over time, so repeat as necessary. There’s nothing fit and forget in the world of cybersecuri…

Dave McKay Jul 16th, 2021

What is Data Scraping, And Why Is It a Threat?

Data scraping is yet another way data can be extracted from your website, portal, or platform. Surprisingly, the legality of data scraping is a gray area. Here’s how to defend against it.

Dave McKay Jul 13th, 2021

Complete Guidesby How-To Geek

Our Latest Product Roundups

Reader Favorites

More from How-To Geek

Latest Geek News

Reader Favorites

More from How-To Geek

Latest Reviews

Across LifeSavvy Media

Complete Guides
by How-To Geek