Is your data secure? Researchers recently discovered a new variation of the Bleichenbacher oracle attack that could threaten TLS 1.3 encryption. Seven researchers discovered that OpenSSL, Amazon s2n, MbedTLS, Apple CoreTLS, Mozilla NSS, WolfSSL, and GnuTLS utilized TLS protocols vulnerable to attacks. Google's new...Read more...
Until recently, a remote code execution vulnerability in Steam sat unnoticed by Valve for at least a decade, leaving millions of users at risk of attack. Luckily for all involved, it seems that malicious actors were not privy to the security bug either. Valve has since released a patch that partially addresses the...Read more...
The Apple iPhone has become so common with both upstanding citizens and nefarious criminals that law enforcement frequently is faced with trying to unlock the devices of people who are suspects in crimes to gather evidence. For suspects that are deceased, gathering evidence can be a challenge for law enforcement...Read more...
Security researchers at Kaspersky Lab have discovered a rather nasty malware strain that has been hiding in certain wireless routers for over half a decade. Called Slingshot, the security researchers who discovered the malicious code believe the malware is part of a sophisticated cyberespionage campaign.
The...Read more...
For the last few years, flagship smartphones have gotten thinner and sleeker and have dedicated a much larger percentage of their front surface to the screen. Back in 2011, for example, the front surface of a Samsung Galaxy S2 was 64% screen, whereas the front of today’s Galaxy S8 is 84% screen. There are many more...Read more...
Skype has announced something that some users have wanted for a long time: end-to-end encryption for conversations. Skype Insiders can preview the new encryption feature right now, and it's called Private Conversations. With these conversations, end-to-end encryption for audio calls, text messages, images, audio...Read more...
Malware writes are a shifty bunch. If anyone needs further proof of that, Symantec has it, in the form of a warning over a new Android "Fakeapp" malware variant that spoofs Uber, the popular ridesharing service, to cover its tracks. While it may look innocent, the Fakeapp malware pulls its usual dirty tricks...Read more...
A new study has found something very disturbing on some of the top websites in the world. Researchers from the Princeton Center for Information Technology Policy have conducted research that found that over 400 of the top 50,000 websites in the world are using "session replay scripts" to track user behavior. This...Read more...
Equifax may be now getting its public lashings for a cybersecurity breach that resulted in personal information of 143 million Americans being exposed to hackers, but it appears that the Securities and Exchange Commission (SEC) has a few skeletons in its closet as well.
The regulatory agencies announced late last...Read more...
For a long time, Apple's Mac line of computers were thought by some users to be immune to malware and viruses. Some of that was due to hackers and nefarious sorts aiming for the low hanging fruit of the much larger Windows user base. Things have changed with Macs growing in popularity over the years and there are many...Read more...
Many technology companies have in place bug bounty programs that reward security researchers who submit discovered vulnerabilities in the products and services they offer. It is a win-win proposition in which technology companies are alerted to potentially crippling security holes, and hackers are compensated for...Read more...
We took part in an interesting demo this week that was both eye-opening and somewhat alarming. We met with representatives from Synaptics to discuss what we thought would be its latest sensor technology or HCI device, but were treated to a real-world hacking display that would leave most people slack-jawed. Why, you...Read more...
The Internet community was able to breathe a temporary sigh of relief after a 22-year-old security researcher accidentally discovered a way to thwart WannaCrypt, a fast-spreading strain of malware that was stolen from the National Security Agency. After reaching tens of thousands of systems in over 70 countries within...Read more...
For whatever reason, Samsung had only been doling out security updates to unlocked Galaxy devices every three months in the United States. Given the growing threat landscape and attention being paid to mobile, that meant a Galaxy device owner could conceivably wield an insecure device for a quarter of a year, leaving...Read more...
Take a look at your printer. Give it a good stare. Do you trust it? Probably not, considering it jammed the last time you had to print an important paper right up against a deadline. However, what if we told you that your printer just has to sit there on your network to be a very serious security problem? HP Inc...Read more...
It's no secret that Apple places a high value on customer security and privacy, and the company goes to great lengths to make sure that it's a market-leader in both regards. However, even the most careful companies can be exposed to crippling security vulnerabilities. If software contains a previously unidentified bug...Read more...
A cloud security outfit is warning that a new ransomware strain called Stampado has emerged from the underground market and is wreaking havoc on systems. What makes Stampado stand out from the crowd is that it is available on the dark web for only $39 with a full lifetime license. That makes it one of the least...Read more...
Security researchers have found a rather alarming vulnerability in Linux that could ultimately allow an attacker to copy, modify, or destroy the contents of a hard drive, along with with configure the network to exfiltrate data. That in and of itself is cause for concern, but the real harrowing part about this is how...Read more...
When most people buy a sex toy, they're usually not too overt about it. In fact, the mere thought of someone intercepting that package on your doorstep and noting what might be inside is something that could cause serious embarrassment. Sex is unquestionably one of the most private things to most people, so when one...Read more...
If you're a SwiftKey user and have been experiencing some oddities lately: you're not alone. Due to a bug, some SwiftKey users have been receiving some downright bizarre recommendations, including phrases that they never use. Even worse? The software also predicted names and email addresses of other users!
Once...Read more...
Slack, the popular real-time messaging tool, is making it easy for users to register with and log into other services and applications. It's doing that through "Sign in with Slack," a feature that ties a person's Slack account to external services so they can use their same login information. Sounds familiar, doesn't...Read more...
Someone posted a list to Pastebin containing compromised account credentials belonging to a relatively small number of Spotify users. The list, which is few hundred names deep, contains usernames, passwords, emails, account type, and other details, seemingly suggesting the site has been hacked.
The accounts appear...Read more...