Items tagged with security

It seems certain that we've all managed to wind up on a website at some point in time that had misleading elements, such as fake download buttons. While piracy is going to be the first thing that springs to many minds when this kind of sketchiness is brought up, it's hardly exclusive to that area. Some websites that host completely legitimate software still have misleading advertising, and let's face it: we've been dealing with it for way too long. Well, if Google has its way, we're not going to have to worry about such misleading advertising in the future. Back in November, the company released... Read more...
If you think that the likes of the NSA needs to rely on zero-day exploits to get their job done, you apparently have things completely wrong. At the USENIX Enigma security conference in San Francisco this week, the NSA's chief of Tailored Access Operations, Rob Joyce said that it's his team's sheer talent makes its attacks successful, not simple flaws waiting to be exploited. While it does seem likely that the NSA makes use of zero-day exploits when the juicier ones are found, Joyce says that it's not as though his team simply has a "skeleton key" that's able to open any door it chooses. Instead,... Read more...
We've all misplaced things—keys, smartphone, USB flash drive—but have you ever lost half a dozen hard drives? Healthcare provider Centene Corporation did and it's currently conducting an "ongoing comprehensive internal search" for the missing HDDs, the company announced this week. Centene discovered it was six hard drives short when auditing the inventory of its information technology assets in preparation for a data project. No small thing, the HDDs contain sensitive information of around 950,000 patients, including names, addresses, dates of birth, social security numbers, member ID numbers,... Read more...
Another day, another report of a security breach, this latest one affecting Wendy's, a nationwide chain of fast food restaurants. Wendy's has hired a security firm to help investigate claims that someone hacked its systems, a decision the chain made after being alerted to potential credit card fraud tracing back to some of the chain's locations. "We have received this month from our payment industry contacts reports of unusual activity involving payment cards at some of our restaurant locations," Wendy's spokesperson Bob Bertini told KrebsOnSecurity. "Reports indicate that fraudulent charges may... Read more...
If you're surfing the Internet with a browser (a rarity, we know), there's a new bug to be cautious of. With a bit of simple JavaScript, a browser's HTML5 History API can be called upon thousands of times, ultimately causing a meltdown. Of course, a dedicated website (CrashSafari.com) exists to act as a proof of concept, and of course, there are many trolls out there trying to trick you into visiting it. This prank isn't harmful, but it can still be a major nuisance. In a rare case, it could cause you to have to reboot, and almost always, it will cause you to lose your open tabs (unless you have... Read more...
Computer hackers accessed personally identifiable information and financial details belonging to around 1,400 University of Virginia workers as part of an email phishing scam, the University announced. An internal investigation determined that the culprits first accessed the stolen records in early November 2014 and continued to pluck private data up through early February 2015. The phishing emails were successful in tricking an untold number of recipients with access to the University's Human Resources system into coughing up their usernames and passwords. Once the hackers had the necessary login... Read more...
Internet and computer security is a very complex field that continues to challenge even the experts as new compromises and hacks are developed, discovered and exploited. However, password security, you would think is a pretty simple, straight-forward topic. Drop in a string of characters that are hard to guess and crooks and hackers looking to crack or brute-force simpler strings or common words will have a much more difficult time breaking in. For some though, the cognitive challenge of remembering a strong password is too much and as a result, they resort to passwords they can remember, rather... Read more...
Synaptics was been working on a comprehensive, yet simple to use, fingerprint authentication technology that the company hopes will make a big splash with gamers and corporate users alike. Although it’s had a couple of names over the last year or so, Synaptics’ upcoming IronVeil technology -- as it is now known -- is just about ready for prime time. We’ve had the chance to play with a pre-production Ttesports Black V2 mouse featuring IronVeil for a couple of weeks and definitely think the technology has merit, for a few reasons.IronVeil is really a combination of hardware and software. The IronVeil... Read more...
Over the past couple of years, and especially since the Snowden revelations, the general public has become more aware of the importance of protecting themselves while enhancing their privacy. You might think, then, that the majority of those folks would be in favor of abolishing warrantless wiretapping of our Internet traffic. However, this is not the case. According to a joint poll between the Associated Press and NORC Center for Public Affairs Research, most people believe the opposite. The results show that 56% of Americans support warrantless wiretapping, while 28% oppose it. From a political... Read more...
It's a sad reality we must all face: some groups want nothing more than to intrude on our personal lives, gaining information that should be kept private. A notable group is of course the US government, which Edward Snowden proved to us over the past two years many times over is relentless when it comes to information gathering. While the government just last month officially scaled-back its mass collection efforts, it's clear that the spying is not going to stop entirely. Given that unfortunate fact, Microsoft has decided to make a rather significant change to its email service Outlook.com, and... Read more...
Have you ever seen a dog chase its own tail? That pretty much describes what's going on at BBC News this morning. The site suffered a pretty large distributed denial of service (DDoS) attack earlier today, one that knocked out the company's entire network and iPlayer streaming service, causing grief for web visitors who grew impatient with how long it took to restore service. As for the image of a dog chasing its own tail, it's based on BBC's reporting of the situation. The site posted a statement on Twitter in the early morning hours saying it was "aware of a technical issue" affecting its website,... Read more...
Security outfit AVG is catching some heat for a Chrome browser extension that left millions of users vulnerable to a variety of online attacks. Called "AVG Web TuneUp," it automatically gets installed into Chrome as part of AVG's antivirus product. That's problem number one. Problem number two is that it presented several potential security risks. A developer for Google brought the attention to Google's Project Zero team, noting that the extension adds a bunch of JavaScript APIs to Chrome "apparently so that they can hijack search settings and the New Tab page." It appears as though AVG intentionally... Read more...
2015 has proven to be a massive year for Adobe's Flash plugin, but for all the wrong reasons. Flash is already infamous for being one of the most vulnerable pieces of software on the planet, but in 2015, 316 bugs were found and squashed. That comes out to about 6 bugs per week for a piece of software that's used by the vast majority of notebook and desktop users. What's most impressive about the sheer number of bugs Flash has is the fact that ultimately, we're dealing with a mere plugin here, not a massive software package. While Flash was once considered "cool", a de facto choice for Web animation,... Read more...
If were experiencing random weirdness and seeing other player's personal information when you log into Valve's Steam online gaming service today, you're not alone and no, you don't have to worry about some sort of holiday zombie attack on your account. It does appear the Steam platform was having serious issues, however. Earlier today, several users of the platform reported seeing other gamer's profile information when logging into the service. Several users have reported seeing other people's private data including email addresses, purchase history and partial credit card information. Though credit... Read more...
1 2 3 4 5 Next ... Last