Login
It's the most wonderful time of the year … for corporate security bosses to run tabletop exercises, simulating a hypothetical cyberattack or other emergency, running through incident processes, and practicing responses to ensure preparedness if when a digital disaster occurs.…
interview According to Remedio CEO Tal Kollender, the only way to beat the bad guys hacking into corporate networks is to "think like a hacker," and because not everyone is a teenage hacker turned cybersecurity startup chief executive, she built an AI to do this.…
Every morning I find myself scrolling through 50+ tabs of RSS feeds, BleepingComputer, and CISA alerts. It’s exhausting.
I started a project called Threat Road to curate the "Top 3" most critical stories daily with a focus on immediate mitigations. I want to make it as useful as possible for the community.
I’d love your brutal honesty:
What makes a security newsletter "instant delete" for you?
Do you care about "Chili-pepper" risk ratings, or do you find them gimmicky?
Would you rather have a deep dive on one bug or a brief on three?
I'm just looking to hear what you all actually want in a daily briefing.
From their original design as simple broadcast receivers, today’s televisions have evolved into powerful, internet-connected entertainment hubs. Combining traditional viewing with online capabilities, smart TVs provide instant access to streaming platforms, web browsing, voice assistants, and personalized recommendations.
As our TVs have grown smarter, however, they’ve also become gateways to new privacy and security challenges. In a chilling echo of George Orwell’s dystopian novel 1984, it’s possible that Big Brother, or in this case, Big Hacker, might be surveilling you through your own television.
In 2013, evidence emerged that smart TVs can be just as vulnerable to hacking as home computers, following an investigation by security analysts Aaron Grattafiori and Josh Yavor at iSEC Partners. Working with smart TV manufacturers to address potential vulnerabilities, the analysts presented their findings at the Black Hat network security conference in Las Vegas. Their demonstration highlighted the concerning possibility of smart TVs not only physically surveilling you through the built-in camera but also prying deeper into your personal life by collecting data on your web searches, app usage, and preferences.
Smart TVs can be hacked in several ways, but the gateway that opens your smart TV to these attacks is the IP address, which links with internet-driven apps such as Facebook and YouTube, as well as video streaming services, microphones, and even internal cameras. Because smart TVs often run the same code as computers and smartphones, such as JavaScript or HTML5, they are also susceptible to malware and spyware attacks. These are some of the ways your device can be hacked:
Once a hacker has compromised your smart TV, they can spy on you through several built-in technologies that collect data on your viewing habits, conversations, and online activities.
The key to managing these privacy risks is understanding what data your TV collects and taking control through privacy settings, network restrictions, and informed usage decisions.
Your smart TV data typically flows to multiple parties. It starts with the device manufacturer for product improvements, then to streaming app providers for content recommendations, on to advertising networks for targeted marketing, and analytics companies for usage insights. Recent regulatory guidance emphasizes that you should have clear visibility into these data-sharing relationships through your TV’s privacy policy.
You can limit data collection by disabling Automatic Content Recognition (ACR) in your TV’s privacy settings, turning off personalized advertising, and regularly reviewing app permissions. Consumer protection agencies require smart TV manufacturers to provide opt-out mechanisms for advertising personalization and data sharing with third parties.
Fortunately, you can significantly reduce your smart TV risks with some simple preventive measures:
Most smart TVs don’t fully turn off when you press the power button; they enter standby mode to enable quick startup. In this state, certain components may remain active and continue collecting data. It might maintain network connectivity to receive software updates, keep microphones and voice assistants ready to respond to wake words, or continue ACR that tracks your viewing habits.
To truly disconnect your TV from potential monitoring, you have several options:
It depends on your specific smart TV model and its manufacturing date. Most modern smart TVs manufactured after 2022 do not include built-in cameras. Major manufacturers such as Samsung, LG, Sony, and TCL have largely moved away from integrating cameras directly into their television sets due to privacy concerns and limited consumer adoption.
Some premium models and older smart TVs from 2018-2021 may still feature built-in cameras designed typically used for:
If your smart TV does have a camera, you still have control, as most smart TVs with cameras include physical privacy shutters, software controls to disable the camera, or the option to cover the lens. For external USB cameras, simply unplugging it ensures that no one can see you through the smart TV.
To determine if your smart TV has a camera, check the following:
If you discover your smart TV has a camera, you can take control of your privacy by disabling it in your TV’s settings, covering it with tape when not in use, or using any built-in privacy shutters.
Aside from the precautions listed above, there are other ways you can disable your smart TV’s camera:
If the thought of your living room turning into a hacker’s surveillance paradise sends a chill down your spine, you’re not alone. Fortunately, you can take some protective measures that keep your smart TV safe.
One of the best ways to protect yourself is to stay informed about the latest developments in smart TV security. Attend webinars, read articles, and follow experts in the field to stay current with the latest security threats and fixes.
Just as importantly, small but effective digital habits will also fortify your smart TV security: keep your TV’s firmware updated, stick to official app stores, secure your home Wi-Fi with strong encryption, use unique passwords for your devices, limit the use of social media and messaging apps on your TV, and be cautious about what you plug into your TV’s ports.
By following these recommendations, you can continue to relax in your living room and enjoy your digital entertainment experience without compromising your privacy and security.
The post How To Tell If Your Smart TV Spying on You appeared first on McAfee Blog.
A simple click of a link can’t cause any trouble, right? Wrong.
It doesn’t matter if you quickly close out of a window. It doesn’t matter if you only take a quick peek and don’t touch anything else while you’re on a risky webpage. Often, just clicking on a single link can compromise your device, online privacy, and even your personal information. The mere action of clicking a suspicious link could expose you to malware, scams, or identity theft.
Here’s everything you need to know to recognize, steer clear of, and take the proper action in case you accidentally click on a questionable link.
A risky link is any hyperlink that redirects you to an unexpected and possibly compromised webpage. Often, these webpages trick visitors into divulging personal information or automatically download malicious payloads (viruses, malware, spyware, etc.) onto your device.
Email remains the most frequent delivery method, with phishing messages designed to look like urgent notifications from trusted companies. A variation of this is SMS phishing or “smishing,” where attackers send sketchy links through text messages claiming package delivery issues. Another common method involves sending malicious links via direct messages on social media, where compromised accounts target their contact lists. According to the Federal Trade Commission (FTC), $70 million was lost to phishing and spoofing in 2024.
Hackers could also use your browser to deliver their criminal work. In drive-by downloads, for instance, simply visiting a compromised webpage can automatically install malware on your device without any additional action from you. Outdated browsers and plugins are another entry point for cybercriminals to gain unauthorized access to your system.
A bad link might also direct you to a fake login page that looks identical to a legitimate site, such as your bank. Any information you enter on these fraudulent pages goes directly to scammers, who can then access your real accounts.
Meanwhile, mobile malware is a vast category of malicious software that often makes its way onto devices through infected links. Malware can spy on you, monitor your keystrokes, infect your device with a botnet, and ultimately compromise your device and the information it stores.
As threat actors continuously adapt their tactics to circumvent security solutions, one critical factor that determines your risk level is your device’s security posture. A device with updated software, a modern browser, active antivirus protection, and restricted permissions is far less likely to be compromised by a malicious site or download. Conversely, outdated systems, unpatched vulnerabilities, or disabled security features create easy openings for attackers to exploit.
Another risk factor is the rhythm or pace at which you operate your devices. As artificial intelligence tools are increasingly helping scammers and phishers disguise their malicious links to look more believable, you will need to slow down, control the impulse to click, and take a minute to intentionally look at what you are doing. If you read quickly, you could accidentally click a malicious link and fall for a scam.
Even the most convincing messages can hide dangerous links. Before you click on anything, it’s worth taking a few seconds to verify where that link actually leads. These quick checks can help you spot red flags and avoid landing on malicious or fraudulent websites designed to steal your information.
If you’ve accidentally clicked a phishing link, don’t panic, but do act fast. Quick, calm steps can make all the difference in preventing further damage. Here’s what to do right away to secure your device, accounts, and personal information.
Even with your strong digital habits and awareness, it’s easy for something to slip through the cracks. With the right technology that catches potential threats before they reach you, you can browse, message, and shop online without worry.
McAfee’s Scam Detector proactively alerts you and automatically protects you the moment it detects a scam link in your texts, emails, or on social media. If you accidentally click on a scam link, the app will block the malicious webpage from loading. The more you use this artificial intelligence-powered tool, the smarter it becomes.
Protecting yourself from those risky phishing links doesn’t require becoming a security expert. It only takes simple habits to dramatically reduce these threats. Take a moment to be intentional and alert, and make informed choices about the links you encounter.
By taking time to verify URLs, staying reasonably skeptical, enabling automatic updates, trusting your instincts, and relying on trusted security tools for safe browsing and scam detection, you can create powerful barriers against cybercriminals.
Whether you’re browsing social media, checking emails, or exploring new websites, that brief pause to assess whether a link looks legitimate can be the difference between safety and falling victim to sketchy links and credential theft. Share these simple safety practices with your family members, especially those who might be less familiar with online threats, because collective awareness makes everyone safer.
The post What Are the Risks of Clicking on Malicious Links? appeared first on McAfee Blog.
Little write-up for a patched WebSocket-based RCE I found in the CurseForge launcher.
It involved an unauthenticated local websocket API reachable from the browser, which could be abused to execute arbitrary code.
Happy to answer any questions if anyone has any!
Researchers at Pen Test Partners found four flaws in Eurostar's public AI chatbot that, among other security issues, could allow an attacker to inject malicious HTML content or trick the bot into leaking system prompts. Their thank you from the company: being accused of "blackmail."…
The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
Hey r/netsec -- it's been about two years since we last published a tool for the security community. As a little festive gift, today we're happy to announce the release of certgrep, a free Certificate Transparency search tool we built for our own detection work and decided to open up.
It’s focused on pattern-based discovery (regex/substring-style searches) and quick search and drill down workflows, as a complement to tools like crt.sh.
A few fun example queries it’s useful for:
FreshRSS 
(login|signin|account|secure).*yourbrand.*\*.*google.*yourbrand.*(cdn|assets|static).*We hope you like it, and would love to hear any feedback you folks may have! A number of iterations will be coming up, including API, SDKs, and integrations (e.g., Slack).
Enjoy!
A new research paper highlights a critical implementation flaw in how major vendors (ASUS, MSI, etc.) configure IOMMU during the DXE phase of boot.
The Core Issue:
The firmware reports DMA protection as "Active" to the OS, but fails to actually enable the IOMMU translation tables during the initial boot sequence. This creates a window of vulnerability where a malicious peripheral can read/write system memory unrestricted.
I've analyzed the root cause and the discrepancy between "Reported Status" vs "Actual Enforcement" in this report:
[👉 Full Analysis & Mitigation Strategies]https://www.nexaspecs.com/2025/12/critical-uefi-flaw-exposes-motherboards.html
Has anyone started seeing patched BIOS versions roll out yet?
Hi everyone,
Over the last month I’ve been analyzing modular addition not as a bitwise operation, but as a fractional mapping. Treating (a + b) mod 2^32 as a projection into the fractional domain [0, 1), modular “bit loss” stops behaving like noise and instead becomes predictable geometric wrapping.
This leads to what I call the Kaoru Method.
The core idea is to run a “Shadow SHA-256” in parallel using infinite precision arithmetic. By comparing the real SHA-256 state with the shadow state, it’s possible to reconstruct a Universal Carry Map (k) that fully captures all modular wraps occurring during execution.
Once k is recovered for the 64 rounds, the modular barriers effectively disappear and the compression function reduces to a system of linear equations.
In my experiments, a standard SHA-256 block produces exactly 186 modular wraps. This number appears stable and acts like a structural “DNA” of the hash computation.
Under this framework, differential cryptanalysis becomes significantly simpler, since the carry behavior is no longer hidden. I’m releasing both the theoretical framework and an extractor implementation so others can validate, attack, or extend the idea toward full collisions.
Paper (theory):
https://osf.io/jd392/files/4qyxc
Code (Shadow SHA-256 extractor):
https://osf.io/n9xcw
DOI:
https://doi.org/10.17605/OSF.IO/JD392
I’m aware this challenges some long-held assumptions about modular addition as a source of non-linearity, so I’m especially interested in feedback, counterexamples, or independent replication.
Thanks for reading.
Microsoft wants to develop tech that could translate its codebase to Rust, and is hiring people to make it happen.…
Over one year ago the Goverment wanted to email the victims but Bitfinex denied it. But it is not too late yet if we act now. Did you hear of any availability of old crypto exchange user email addresses? Security researchers in possession of historic leak data could help to return $ nine digits to victims soon.
Please suggest specific forums for outreach.
Thanks!
Ranked list of 2016 exchanges: Poloniex Bitstamp OKCoin BTC-e LocalBitcoins Huobi Xapo Kraken CoinJoinMess Bittrex BitPay NitrogenSports-eu Cex-io BitVC Bitcoin-de YoBit-net Cryptsy HaoBTC BTCC BX-in-th Hashnest BtcMarkets-net Gatecoin Purse-io CloudBet Cubits AnxPro Bitcurex AlphaBayMarket Luno BTCC Loanbase Bitbond BTCJam Bit-x BitPay BitBay-net NucleusMarket PrimeDice BitAces-me Bter MasterXchange CoinGaming-io CoinJar Cryptopay-me FaucetBOX Genesis-Mining
Mac Malware analysis
After over a week of speculation, ServiceNow announced on Tuesday that it has agreed to buy cybersecurity heavyweight Armis in a $7.75 billion deal that will see the workflow giant incorporate a real-time security intelligence feed into its products.…
Thousands of Nissan customers are learning that some of their personal data was leaked after unauthorized access to a Red Hat-managed server, according to the Japanese automaker.…
Microsoft has hustled out an out-of-band update to address a Message Queuing issue introduced by the December 2025 update.…
