Items tagged with security

It's no secret that Apple places a high value on customer security and privacy, and the company goes to great lengths to make sure that it's a market-leader in both regards. However, even the most careful companies can be exposed to crippling security vulnerabilities. If software contains a previously unidentified bug or exploit, it just sits there waiting for some enterprising user to spot it. And that's just what happened with Apple's Activation Lock. When an iPhone or iPad is lost, the user has the ability to enable "Find My iPhone", which can immediately locks the device, requiring correct... Read more...
The Supreme Court approved a series of changes to Rule 41 of the Federal Rules of Criminal Procedure by the United States Department of Justice that go into effect today. Those changes, which the DoJ proposed earlier this year and that were never discussed by Congress, gives the FBI permission to hack into multiple computer systems here and abroad with a just a single warrant in cases where they're part of a botnet or otherwise can't be traced to a precise location.Any U.S. judge can authorize such a warrant, including magistrate judges who typically only issue warrants within their own jurisdiction.... Read more...
It's been proven that some tech companies have been willing to cater to the government's every need, but others -- namely Google -- remain adamant about transparency regarding shady practices. Earlier this year, we reported on Google's new feature that informs users if they've become the target of state-sponsored attackers, so as to help you better protect yourself via whatever means you have available. We can't imagine what it's like to receive a notification like this, but it can't be a great feeling. Now, we're reminded that this functionality exists, as a slew of journalists and professors... Read more...
A cloud security outfit is warning that a new ransomware strain called Stampado has emerged from the underground market and is wreaking havoc on systems. What makes Stampado stand out from the crowd is that it is available on the dark web for only $39 with a full lifetime license. That makes it one of the least expensive and most accessible ransomware strains out there.Don't be fooled by Stampado's low price tag, the ransomware strain is capable of doing big time damage. As is often the case with malware, Stamapado typically arrives on system through spam emails or drive by downloads. It installs... Read more...
Remember getting Rickrolled? Talk about an annoying trend, but at least you could exit out of the 1980s hit single and resume normal activities (except for those dancing webpages on the desktop designed to dodge your exit attempts). Well, there's a new prank going around, one that can crash any iPhone handset in a not-so-obvious way. The prank consists of a short video that, when watched, slows down and eventually freezes any iPhone model. It doesn't happen right away—a user may be able to swipe through screens, open a couple of apps, or check email before the performance degradation becomes obvious.... Read more...
It seems that Apple may have a complicated relationship with device user privacy. Russian digital forensics firm Elcomsoft has recently discovered that iPhone users’ call histories are being sent to Apple’s servers. A user’s call history can be sent to Apple’s servers if iCloud is enabled. The data will include phone numbers, dates, times, and duration of phones calls as well as missed and bypassed calls. Facetime and third-party apps such as Skype, WhatsApp, and Viber, and that use Apple CallKit to make the calls, are also saved in iCloud. Apple retains this information for no longer than four... Read more...
2016 is going to be remembered for a number of fortunate and unfortunate things, with one topic that falls into the latter category being the debacle of U.S. law enforcement vs. Apple. The FBI and other US federal agencies have made it no secret that they would like to be able to gain access to any smartphone if the need arises - something that anyone who cares even remotely about their privacy shouldn't be okay with. In the months that followed, the FBI somehow managed to break into an iPhone 5C without any help from Apple. And while it's not clear if the agency is able to pull that off on more... Read more...
We recently witnessed a new and disturbing trend in cyber security and that is the widespread hacking of Internet connected devices to initiate DDoS attacks on an unprecedented scale. That is the method that made possible the Mirai botnet that targeted security expert Brian Krebs and his security blog with 620 gigabits per second of traffic, which at the time was a record. It is also what's causing a surge in DDoS attacks, as noted by content delivery network (CDN) Akamai. The CDN made its findings known in a recent security report compiled with data gathered from its intelligence platform. In... Read more...
Security researchers have found a rather alarming vulnerability in Linux that could ultimately allow an attacker to copy, modify, or destroy the contents of a hard drive, along with with configure the network to exfiltrate data. That in and of itself is cause for concern, but the real harrowing part about this is how easy it is to activate—an attacker need only boot up the system and hold down the enter key for 70 seconds. In less time than it takes to microwave a bag of popcorn, an attacker could compromise a Linux machine with potentially serious consequences. The vulnerability that makes it... Read more...
The Federal Bureau of Investigation made a big deal out of Apple's unwillingness to help it crack a locked iPhone 5c handset that was used by a terrorist in the deadly San Bernardino shooting, but it turns out it rarely needs assistance. Nine of out ten times, the FBI is successful in its attempts to unlock a secured smartphone or laptop, the agency admitted to attendees at a public meeting on encryption. Jim Baker, General Counsel for the FBI, provided some interesting numbers for the public to digest. According to Baker, the FBI's forensic labs analyzed 6,814 phones and laptops from October 1,... Read more...
We hate to break it to you, but your PC is not as secure as you think. That remains true even if you lock your computer with a password. Should you leave your system unattended, it would be possible for someone to hack into it in less than a minute using a $5 Raspberry Pi device. The culprit doesn't even need advanced knowledge of computer security, all they have to do is plug the inexpensive gadget into a USB port and wait. The nefarious tool is called PoisonTap. It was created by Samy Kamkar, a well known hacker and developer who's interested in privacy and security research. His newest tool... Read more...
In what is being described as the largest security breach of 2016, hackers stole over 400 million user credentials spanning two decades of customer data from Friend Finder Network, Inc., the company that owns and operates several adult-themed websites, including the online dating and hookup site AdultFriendFinder.com. This is also the second time in two years Friend Finder has been hacked. The bulk of compromised accounts came from AdultFriendFinder, the "world's largest sex and swinger community," which coughed up more than 339 million accounts. Hackers used a local file inclusion exploit to break... Read more...
Anyone who is looking for a reason to install the Windows 10 Anniversary Update (build 1607) need only consider that there has never been a more secure version of Windows. So says Microsoft, which made the claim in conjunction with a new white paper detailing the ways in which the latest version of Windows protects users from ransomware. According to Microsoft, an increasing number of cybercriminals are turning to ransomware in search of a quick buck. The Redmond software giant points out that the number of ransomware variants has doubled in the last 12 months alone. "Its premise is deceptively... Read more...
Yahoo is again catching fire over a security breach dating back to 2014 that compromised the accounts of 500 million users, though this time the criticism is aimed at Yahoo's lack of timely disclosure. The company fessed up earlier this week that at least some of its employees had knowledge that a cyberattacker backed by a foreign government had hacked into its systems. The disclosure is contained in a filing Yahoo made this week with the United States Securities and Exchange Commission (SEC). In it, Yahoo says it "had identified that a state-sponsored actor had access to the company’s network... Read more...
1 2 3 4 5 Next ... Last