Items tagged with security

Someone at Microsoft is having one of those Southwest moments where the airlines asks, "Want to get away?" That's because someone at the Redmond outfit leaked a security key that could allow attackers to bypass the protections in Windows devices that are put in place through Secure Boot. Worse yet, now that the genie's out of the bottle, there's no putting it back in. Security researchers MY123 and Slipstream discovered the so-called golden key that they say allows someone with admin rights or with physical access to a system to bypass Secure Boot to install and run their operating system of choice,... Read more...
Go ahead and cue up Cartman's "No kitty, that's a bad kitty!" soundbite, only this time it's not in reference to stealing those delicious Cheesy Poofs. McAfee's mobile malware research division found a sample of ransomware for Android that it's calling "ElGato," and once infected, it can steal a user's SMS messages, among wreaking other kinds of havoc. ElGato has botnet capabilities and a web-based control panel service, McAfee says. It's an ornery piece of software that reveals itself as a humorous image of a cat on infected devices. In addition to silently swiping potentially sensitive SMS messages,... Read more...
MICROS, one of the largest point-of-sale payment systems in the world, has been hacked by a Russian organized cybercrime group with a history of hacking into banks and retailers. The full extent of the security breach is still being evaluated, but given the size and scope of MICROS, this could turn out to be another lucrative payday for the Russian cyber thieves.Oracle purchased MICROS in 2014. At the time, Oracle said its point-of-sale systems were being used at more than 330,000 cash registers around the world, including more than 200,000 in the food and beverage industry, over 100,000 deployed... Read more...
Check Point, the company that's perhaps best known for its ZoneAlarm security software, found four vulnerabilities that put at risk most Android smartphones tablets. Collectively called QuadRooter, Check Point's mobile research team says the set of vulnerabilities affects Android devices that use Qualcomm chipsets, of which there are about 900 million in the wild. Qualcomm is the world's biggest provider of LTE chipsets with a dominating 65 percent share of the LTE modem baseband market. That leaves hundreds of millions of people susceptible to QuadRooter, including owners of the BlackBerry Priv,... Read more...
Some people take Grand Theft Auto V a little too seriously, either that or just live that sort of life for real. Houston police officers have just announced that they have arrested two men accused of stealing at least thirty Dodge and Jeep vehicles with a laptop computer and a simple software hack.  Michael Arce has been charged with with felon in possession of a weapon, possession with intent to deliver a controlled substance and unauthorized use of a motor vehicle. His partner in crime Jesse Zelaya has been charged with unauthorized use of a motor vehicle. The police have been watching them... Read more...
It's no surprise that a number of exploitable security holes still exist in the operating systems we use each and every day. It's just the nature of the beast; we're talking about software that has hundreds of millions of lines of code. Despite a developer's best efforts, it's virtually impossible to release bulletproof software - with all the moving pieces it's just far too complex. What is a bit of a surprise, though, is knowing that a vulnerability exists and that a major corporation (seemingly) has no interest in patching it up. That's the only conclusion we can draw from a bug that still exists... Read more...
Even Apple's software isn't immune to security holes and vulnerabilities. An admission of such by Tim Cook and the gang comes in the form of a new bug bounty program Apple announced at the Black Hat conference today in Las Vegas, Nevada. The program kicks off in September and will offer cash rewards for certain exploits. Apple's interested in vulnerabilities that affect iOS, it's mobile operating system, as well as any that might be present on its latest hardware devices. This is the first time Apple's offered a public bug bounty program with cash rewards, and those who participate stand to earn... Read more...
Law enforcement officials found a way to unlock a murder victim's Samsung Galaxy S6 by using specially printed copies of fingerprints on file from a previous conviction. It wasn't easy thwarting Samsung's biometric security, but with the help of Anil Jain, a professor of computer science and engineering at Michigan State University, the detectives assigned to the case were ultimately successful in tricking the phone's fingerprint recognition.It took several tries and pricey equipment for this to work. The detectives brought the phone and a copy of the victim's fingerprints to Jain with the hope... Read more...
If you're a SwiftKey user and have been experiencing some oddities lately: you're not alone. Due to a bug, some SwiftKey users have been receiving some downright bizarre recommendations, including phrases that they never use. Even worse? The software also predicted names and email addresses of other users! Once this discovery was made, the company behind the software took swift (sorry) action to pull some of its services offline; namely, the cloud-related bits. The company says that the vast majority of users were unaffected by this issue, which is a little reassuring as the software has millions... Read more...
Nothing beats wireless for convenience, but whenever you transmit important data through the air, there's a risk that someone could be nearby, ready to intercept the signals before they reach their destination. If this sounds familiar, it might be because we talked about this very thing earlier this year, when security firm Bastille ousted 'MouseJack', an overly-marketed vulnerability affecting wireless peripherals from major vendors, including Microsoft and Logitech. Well, Bastille is back, this time with 'KeySniffer', another vulnerability (or set of vulnerabilities) that has apparently also... Read more...
Law enforcement officials are seeking help from a professor at Michigan State University with creating a special 3D printed replica of a homicide victim's fingers in order to unlock his phone using his fingerprints. In theory it sounds like a brilliant idea, one that would sidestep the potentially contentious process of trying to get Apple or Google to assist with unlocking the device, only there's a pretty major roadblock that stands in the way. There are safeguards in place that require a passcode if a fingerprint scanner hasn't been used in quite some time. For example, as of iOS 9, Apple added... Read more...
We reported earlier on France's demands to Microsoft with regards to bolstering its Windows 10 OS to better protect user data, and ultimately, their privacy. The fact that a watchdog would target Microsoft for collecting too much data probably strikes no one as a surprise, as that very complaint has been one shared by many users since the launch of Microsoft's latest OS. In the complaint, France's Chair of the National Data Protection Commission noted a couple of big issues, from the fact that the PIN code can be entered as many times as an attacker needs it to be and also that certain mechanisms... Read more...
The same hacking group that claimed responsibility for ticking off every Pokemon Go player on the planet by overwhelming the game's servers with a DDoS attack last weekend is planning another attack. Poodle Corp, as the hacker group calls itself, issued a notice on Twitter that the next barrage on Pokemon Go's servers will take place August 1. Pokemon Go, for those of you who've taken residence under a rock, is a wildly popular mobile game that uses augmented reality. It's really a glorified scavenger hunt, tasking players with catching Pokemon characters by flinging Poke balls at them. The twist... Read more...
With Nintendo's latest game - a mobile one, at that - the company has proven that there is still a lot of innovating to do in the market. While Pokemon GO is based on another title, Ingress, any game is going to have a greater chance of success when it features one of the most popular franchises ever. GO isn't just some regular Pokemon game: it's making the masses realize that augmented reality can be really cool. What's not cool, though, is that popular mobile apps are a hot target for malware. And since Pokemon GO hasn't been released worldwide yet, many have taken to the scarier parts of the... Read more...
Prev 1 2 3 4 5 Next ... Last