Items tagged with security

The term "IoT" has been floating around for a while and many who care about privacy have been put on high alert. "Internet of Things" devices can help make our lives better. They can allow us to change the temperature with our smartphones or even unlock doors. They could help us track vital stats during a workout. They can optimize the use of our solar power. All great things... but... they can also act as a proxy that allows governments to peer into our lives. Again, this threat is nothing new, but what makes its reality just a bit clearer is that someone in power in the spying... Read more...
In the fall of 2014, Google lost a valuable man: Andy Rubin. While Rubin had his hands in a number of important projects at the big G, none were more important than his creation of Android in 2003. Today, Android is the most widely-used mobile OS; one that's even making its way to convertible PCs. To call that particular project a success would be a gross understatement. We learned just two months ago that Rubin has eyed making a return to smartphones, something he hasn't talked too much about openly. What he has talked about, though, is dashcams. Yup -- Rubin sees the lowly dashcam as... Read more...
It seems certain that we've all managed to wind up on a website at some point in time that had misleading elements, such as fake download buttons. While piracy is going to be the first thing that springs to many minds when this kind of sketchiness is brought up, it's hardly exclusive to that area. Some websites that host completely legitimate software still have misleading advertising, and let's face it: we've been dealing with it for way too long. Well, if Google has its way, we're not going to have to worry about such misleading advertising in the future. Back in November, the company released... Read more...
If you think that the likes of the NSA needs to rely on zero-day exploits to get their job done, you apparently have things completely wrong. At the USENIX Enigma security conference in San Francisco this week, the NSA's chief of Tailored Access Operations, Rob Joyce said that it's his team's sheer talent makes its attacks successful, not simple flaws waiting to be exploited. While it does seem likely that the NSA makes use of zero-day exploits when the juicier ones are found, Joyce says that it's not as though his team simply has a "skeleton key" that's able to open any door it chooses. Instead,... Read more...
We've all misplaced things—keys, smartphone, USB flash drive—but have you ever lost half a dozen hard drives? Healthcare provider Centene Corporation did and it's currently conducting an "ongoing comprehensive internal search" for the missing HDDs, the company announced this week. Centene discovered it was six hard drives short when auditing the inventory of its information technology assets in preparation for a data project. No small thing, the HDDs contain sensitive information of around 950,000 patients, including names, addresses, dates of birth, social security numbers, member ID numbers,... Read more...
Another day, another report of a security breach, this latest one affecting Wendy's, a nationwide chain of fast food restaurants. Wendy's has hired a security firm to help investigate claims that someone hacked its systems, a decision the chain made after being alerted to potential credit card fraud tracing back to some of the chain's locations. "We have received this month from our payment industry contacts reports of unusual activity involving payment cards at some of our restaurant locations," Wendy's spokesperson Bob Bertini told KrebsOnSecurity. "Reports indicate that fraudulent charges may... Read more...
If you're surfing the Internet with a browser (a rarity, we know), there's a new bug to be cautious of. With a bit of simple JavaScript, a browser's HTML5 History API can be called upon thousands of times, ultimately causing a meltdown. Of course, a dedicated website (CrashSafari.com) exists to act as a proof of concept, and of course, there are many trolls out there trying to trick you into visiting it. This prank isn't harmful, but it can still be a major nuisance. In a rare case, it could cause you to have to reboot, and almost always, it will cause you to lose your open tabs (unless you have... Read more...
Computer hackers accessed personally identifiable information and financial details belonging to around 1,400 University of Virginia workers as part of an email phishing scam, the University announced. An internal investigation determined that the culprits first accessed the stolen records in early November 2014 and continued to pluck private data up through early February 2015. The phishing emails were successful in tricking an untold number of recipients with access to the University's Human Resources system into coughing up their usernames and passwords. Once the hackers had the necessary login... Read more...
Internet and computer security is a very complex field that continues to challenge even the experts as new compromises and hacks are developed, discovered and exploited. However, password security, you would think is a pretty simple, straight-forward topic. Drop in a string of characters that are hard to guess and crooks and hackers looking to crack or brute-force simpler strings or common words will have a much more difficult time breaking in. For some though, the cognitive challenge of remembering a strong password is too much and as a result, they resort to passwords they can remember, rather... Read more...
Synaptics was been working on a comprehensive, yet simple to use, fingerprint authentication technology that the company hopes will make a big splash with gamers and corporate users alike. Although it’s had a couple of names over the last year or so, Synaptics’ upcoming IronVeil technology -- as it is now known -- is just about ready for prime time. We’ve had the chance to play with a pre-production Ttesports Black V2 mouse featuring IronVeil for a couple of weeks and definitely think the technology has merit, for a few reasons.IronVeil is really a combination of hardware and software. The IronVeil... Read more...
Over the past couple of years, and especially since the Snowden revelations, the general public has become more aware of the importance of protecting themselves while enhancing their privacy. You might think, then, that the majority of those folks would be in favor of abolishing warrantless wiretapping of our Internet traffic. However, this is not the case. According to a joint poll between the Associated Press and NORC Center for Public Affairs Research, most people believe the opposite. The results show that 56% of Americans support warrantless wiretapping, while 28% oppose it. From a political... Read more...
It's a sad reality we must all face: some groups want nothing more than to intrude on our personal lives, gaining information that should be kept private. A notable group is of course the US government, which Edward Snowden proved to us over the past two years many times over is relentless when it comes to information gathering. While the government just last month officially scaled-back its mass collection efforts, it's clear that the spying is not going to stop entirely. Given that unfortunate fact, Microsoft has decided to make a rather significant change to its email service Outlook.com, and... Read more...
Have you ever seen a dog chase its own tail? That pretty much describes what's going on at BBC News this morning. The site suffered a pretty large distributed denial of service (DDoS) attack earlier today, one that knocked out the company's entire network and iPlayer streaming service, causing grief for web visitors who grew impatient with how long it took to restore service. As for the image of a dog chasing its own tail, it's based on BBC's reporting of the situation. The site posted a statement on Twitter in the early morning hours saying it was "aware of a technical issue" affecting its website,... Read more...
Security outfit AVG is catching some heat for a Chrome browser extension that left millions of users vulnerable to a variety of online attacks. Called "AVG Web TuneUp," it automatically gets installed into Chrome as part of AVG's antivirus product. That's problem number one. Problem number two is that it presented several potential security risks. A developer for Google brought the attention to Google's Project Zero team, noting that the extension adds a bunch of JavaScript APIs to Chrome "apparently so that they can hijack search settings and the New Tab page." It appears as though AVG intentionally... Read more...
1 2 3 4 5 Next ... Last