Items tagged with security

At this point, the resetting of a mobile phone to a from-the-factory state is something we have all done, perhaps simply to get a fresh start with a device that has become sluggish and over-burdened with years of downloaded flotsam. But more likely, we do it for the purpose of selling the phone or passing it along to a friend or family member. We rely on such a reset to completely wipe the phone of any trace of our having used it, all settings and sensitive data. The results of a study performed in the UK by University of Cambridge researchers entitled Security Analysis of Android... Read more...
What better way is there to start off a weekend than to hear about a massive data breach? I can't think of one, and thanks to AdultFriendFinder, we don't have to go without. According to UK news agency Channel 4, which traveled to the darkest depths of the Web to discover the issue, it found that the data of at least 4 million AdultFriendFinder members was leaked. Information includes sexual preference, marital status, date of birth, email address, and even home address. AdultFriendFinder isn't taking this issue lightly, as it's contacted local law enforcement and also hired the high-profile security... Read more...
If you thought that there couldn't possibly be more unbelievable stories to stem from Edward Snowden's leaks, you're sorely mistaken. Today, we learn of a truly appalling effort that the NSA and its partners worked together on to intercept Android users' connections to install malware and soak up information. The NSA's partners in crime are part of a group called 'Five Eyes', and in addition to the US, included countries are Canada, the UK, New Zealand, and Australia. Given other revelations that have trickled out in the past, this list shouldn't come as much of a surprise. The UK's GCHQ, which... Read more...
CareFirst, a Blue Cross Blue Shield health insurer, announced on Wednesday that it was the target of a "sophisticated cyberattack," making it the third major healthcare player this year to suffer a security breach. In this instance, CareFirst estimates that around 1.1 million current and former members and individuals who do business with CareFirst online who registered before June 20, 2014, are affected. The health insurer enlisted the help of Mandiant, a leading cybersecurity firm, to audit its systems for any suspicious activity following the recent hacker attacks affecting other health insurers.... Read more...
Data security research player CrowdStrike is reporting a security flaw that could allow hackers to exploit and take over data centers from within. Given the nasty moniker "VENOM" (for "Virtualized Environment Neglected Operations Manipulation"), the vulnerability CrowdStrike uncovered is present in a common component — a legacy floppy drive controller — that is widely used in virtualization platforms and appliances. The seriousness of the VENOM vulnerability rests on how it circumvents an essential barrier used by cloud service providers to segregate customer data. Thus, infiltrators who are able... Read more...
The market may be filled to the brim with image and video sharing websites, but one of the oldest ones, Photobucket, still proves to be a popular choice. As we're now finding out, though, it's a choice you may want to reconsider if you have an account with the service. The US Department of Justice yesterday announced the arrest of two men responsible for developing and marketing software that would allow people to gain access to private photos attached to Photobucket user accounts. The software utilized a legitimate technique called 'Fusking', which enables you to fetch URLs en masse that follow... Read more...
Security firms and anti-malware providers sure do have their work cut out for them, a fact that seems to get emphasized every day. As attackers become more creative, researchers have to dig deep in order to understand how malware manages to hide itself so well. It used to be that static scanners would be suitable enough, but that's hardly the case nowadays. Attackers are becoming even more creative, creating almost ninja-like malware. Take Rombertik, for example. This is a piece of malware that was deeply analyzed by Cisco's Talos Security Intelligence and Research Group that at the high level... Read more...
Researchers from security outfit ESET discovered that several thousand servers running Linux and BSD have unwittingly been sending out spam as a result of a previously undiscovered malware infection. This has been going on for more than 5 years, as the malware was able to stay hidden all this time due to its sophistication and because the spammers haven't been constantly infecting new machines. "We were able to identify victimized system and began the process of notifying its owners," said Lead ESET security researcher Marc-Etienne M. Léveillé. "This is not trivial, as we identified over 8500 unique... Read more...
A serious flaw has been discovered in the software component of some routers that feature a Realtek chipset. In particular, routers that utilize a Realtek RTL81XXX chipset and also use the 1.3 SDK (or older, potentially), are vulnerable to an exploit that could see executable code run as root. Because it's not obvious what chipset most routers will use, ITworld shares an extremely helpful link that will let you search for whichever one you use. It should be stressed, though, that not every affected router may be listed here, and it still hasn't been ruled-out if versions older than the 1.3 SDK... Read more...
It looks like a cyberattack that hit the White House last year by Russian hackers was a bit more serious than originally presented. The biggest takeaway is the fact that president Obama's personal emails were accessed, including both sent and received messages. That's the downside; the upside is that it appears absolutely no classified information had been accessed. This security breach does raise some major concerns, though, ones that the White House have taken extremely seriously. At the time of the attack, officials met on a nearly daily basis to keep apprised of the situation. One official... Read more...
Tesla might seem like it's an invincible company lately, but when it comes to software and social media, it shares the same risks us common folk do, something yesterday's events help emphasize. Nowadays, it's not at all surprising to learn that some company's Twitter account had its security breached, and likewise, it's not surprising to learn that it's happened to Tesla. But where this gets a little unique is with the fact that Elon Musk's Twitter was also broken into, and if that wasn't enough, Tesla's website was compromised, as well. It's clear that those who defaced Tesla's website are not... Read more...
The FTC has just laid the smackdown on yet another company that's been found guilty of exploiting mobile users without their knowledge. The FTC found that the company, called Nomi Technologies, even went against its own privacy policy mere months after it promised not to, in late 2012. Nomi's business model involves working with retail outlets to install sensors in their stores. As a customer walks in, these sensors fetch a phone's MAC address, which is broadcast broadcast via Wi-Fi, and begin to track it. You can see where this is going. With information in-hand, Nomi is able to tell these retailers... Read more...
The House has just passed two cybersecurity bills that should cause some major concern for those who believe the US government's spying efforts have already gone way too far. The House Permanent Select Committee passed the 'Protecting Cyber Networks Act', while the House Homeland Security Committee passed the 'National Cybersecurity Protection Advancement Act'. The two bills will be soon merged and forwarded to the Senate for advancement. The goal of both bills is to help thwart 'hackers' quicker. They could allow companies dealing with an issue to work with other companies, as well as the government,... Read more...
In an effort to lock down our devices with better security, fingerprint scanning is growing in popularity. Unfortunately, as it exists in many current smartphones, including Samsung's previous generation Galaxy S5 device, this type of biometric security may have a severe security flaw, as researchers from security outfit FireEye will present in more detail this week at RSA.According to a report in Forbes, FireEye is planning to talk about how affected handsets encrypt fingerprint data in a separate secure zone. Once the information is in there, it's virtually untouchable by hackers, but it's the... Read more...
Prev 1 2 3 4 5 Next ... Last