Items tagged with security

We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most often, customers do not have control over the firmware in such devices. If a vulnerability is found and patched, it's up to the ISP to issue it, automatically. As you might imagine, this could lead to some serious problems if your ISP isn't too on top of things. A great example of this is brought forth by security researcher Bernardo Rodrigues. He found that with... Read more...
Let me start by saying that Siri and I have a solid relationship. If I need directions to a place I've never been before or a reminder set, she dutifully obliges every single time. I like that. But if Siri turns on me and starts sharing my personal info without my permission, as a major security firm says is possible, we're going to have problems. Trend Micro, makers of self-named antivirus solutions, points to a flaw in Siri's software that takes only seconds to exploit. In doing so, anyone can tap into a Siri-enabled iOS device and get access to the owner's full name, email, phone number, and... Read more...
Rarely does a day pass when we don't write news about something that should reaffirm your belief that security is something to be taken seriously. Whether it's an online game, a retailer, or a bank, we've seen time and time again that no security put in place is bulletproof. That means that we need to do everything we can to at least give ourselves the best defense. In recent years, two-factor authentication has really taken off, and for good reason. What it does is render a password alone useless, something extremely useful if that's all of the information an "attacker" has to exploit. With two-factor... Read more...
Have you ever seen a browser littered with toolbars and other junk that doesn't belong? A common trick used by malware and adware writers is to inject DLLs (Dynamic Link Libraries) into the browser, which bypass the built-in interfaces for settings controls. Microsoft is determined not to let that happen in its Microsoft Edge browser for Windows 10. Back in May of this year, Microsoft announced that Edge wouldn't support certain legacy technologies found in Internet Explorer, including ActiveX, VBScript, Browser Helper Objects (BHOs), and other things that could be exploited. That decision not... Read more...
In the "vast majority of cases," when the U.S. government is made aware of a software vulnerability, it discloses that information to the vendor so that it can issue a patch to the public. What constitutes a "vast majority?" Nine times out of 10, or 91 percent of the time, according to the U.S. National Security Agency's own books. What about the other 9 percent of the time? The zero-day threats the NSA doesn't disclose are those that the vendors fixed before they were notified or, simply put, don't get disclosed in the interest of national security. "The National Security Council has an interagency... Read more...
Security firm Lookout has just revealed what could be one of the most hard-hitting pieces of malware to ever hit Android. It doesn't have an official name, except to be referred to as "trojanized adware", and right from the top, we can tell you that if you only stick to downloading apps through Google's Play Store, you have nothing to worry about. There are two things that make this piece of malware so severe. First, it's effectively wrapped around legitimate apps. Users can download these, such as Facebook and Snapchat, and install them normally. Nothing will look out-of-the-ordinary, and Google... Read more...
Apple's operating systems might be considered as some of the most secure on the planet, but as has been proven time and time again, nothing is bulletproof. Not even the company's latest iOS build, it seems. ZERODIUM, a firm that rewards those for finding unknown bugs, has just announced that a team has secured its rights to a bounty worth a staggering $1 million, or roughly the equivalent of 1,333x 16GB iPhone 6S Plus units. Speaking of which, if you are in the dark about what the 6S Plus brings to the table, check out our in-depth review. In order to succeed in ZERODIUM's challenge, the attackers... Read more...
Going on a bug hunt might not sound like the most exciting thing in the world, but for Project Zero, the name for a team of security analysts tasked by Google with finding zero-day exploits, a good old fashioned bug hunt is both exhilarating and productive. As a result of Project Zero's efforts to root out bugs in Samsung's Galaxy S6 Edge device, owners are now more secure. In a blog post describing the bug hunt, Project Zero (correctly) notes that the majority of Android devices are not made by Google, but by third-parties known as Original Equipment Manufacturers, or OEMs. Having researched vulnerabilities... Read more...
It could be argued that the "masses" didn't quite understand the importance of protecting themselves digitally until Edward Snowden blew the whistle on the unparalleled spying efforts of the NSA a few years ago. The problem, though, is that while for the experienced user, it's almost fun setting everything up to protect themselves, the regular user will feel immediately overwhelmed. A new router called Veiltower aims to fix that. Veiltower is an interesting looking router that's designed to intercept traffic from your ISP's router and put it through multiple layers of security before it reaches... Read more...
It's hard to argue that "Internet of Things" (IoT) devices can enrich our lives. From making it easier to moderate temperature in our homes to securing them, IoT is going to be a big part of our future. Unfortunately, that does lead to one problem: as more and more devices get rolled out, the inevitability is that we're going to encounter more and more vulnerabilities. Once such example is with security cameras, of which security firm Incapsula estimates there are 245 million operating around the world. This isn't the first time vulnerabilities have been discovered with such cameras. Back in 2013,... Read more...
The fight between the Department of Justice and mobile OS creators continues, and as it stands right now, things are not looking so great on the vendor side. Over the past few years, and the past year especially, both Apple and Google have been battled against for allowing users of their respective OSes to encrypt their data, and in effect make it impossible for law enforcement to rummage through. Fortunately, both companies have been battling against this on behalf of consumers; rather than back down, both companies have actually strengthened the security, namely by making encryption default in... Read more...
Another day, another high-profile security breach. This time the breach occurred across the pond at British telecom giant TalkTalk. TalkTalk is the United Kingdom’s second largest “quadruple play” service provider (offering phone, TV, broadband Internet and mobile phone service) behind Virgin Media. Given its massive size and its millions of customers, TalkTalk was a prime target for cyberattackers, and unfortunately, the company made it all too easy for the breach to occur. TalkTalk reported today that it is working in conjunction with the Metropolitan Police Cyber Crime Unit after it experienced... Read more...
It's been an exciting week for BlackBerry, its fans, and those who've been wanting to see the company score some big success with a new smartphone release. Kicking the week off, the company's PRIV smartphone was shown off in good detail, which included specs in addition to a close-up of the hardware design. Continuing that, we learned yesterday about what "PRIV" is all about: privacy, and security. That isn't just marketing; BlackBerry has gone to pretty impressive lengths to make sure that PRIV is indeed the world's most secure Android consumer phone. Being that PRIV sports high-end specs, a hardware... Read more...
With its upcoming PRIV smartphone, BlackBerry needs to strike the right chord with people. While the company was once a giant in the smartphone market, it's taken a nosedive in recent years, and has yet to deliver a product that anyone would consider a "win". Fortunately, PRIV does boast a couple of fantastic perks. For example, PRIV is a high-end model, sporting a Qualcomm 808 SoC under the hood, 3GB of memory, 32GB of storage, 18 megapixel rear camera, and a mammoth 3,410mAh battery. At 5.4-inch, it could also be argued that it's the ideal size for the businessperson or regular folk that want... Read more...
Prev 1 2 3 4 5 Next ... Last