Items tagged with security

Using two-factor authentication (2FA) is generally regarded as a superior way of securing an account than using a password alone, but even adding that extra layer of security comes with its own unique risks. This was highlighted in a recent security breach in which tens of millions of SMS text messages were exposed. Some of those text messages contained 2FA codes. All of those text messages sat on a server belonging to Voxox, a communications firm located in San Diego, California. Voxox is wholesaler of SMS, voice, VOIP, and cloud communication services for small businesses. One of the things it... Read more...
AI can be a good thing or a bad thing, depending on what the AI is designed to do. Many AIs are meant to do things like help doctors diagnose disease, though other AI technologies can be turned towards more nefarious deeds. For example, a team of IEEE researchers has devised a method of harnessing an AI to generate fake fingerprints that work like a master key, to bypass the biometric locks that are employed on smartphones. The team notes that the attack using their AI-driven method can be issued against random devices "with some probability of success." OnePlus 6T In-Display Fingerprint Scanner... Read more...
Some of Google's major services unexpectedly went offline for a period of time on Monday, apparently resulting from a tiny ISP in Nigeria inadvertently hijacking certain internet traffic. Referred to as a BGP (Border Gateway Protocol) hijack, traffic that should have found its way to Google's servers instead pinged Nigerian ISP MainOne Cable Company. At issue is that MainOne Cable was hosting over 200 Google network prefixes, resulting in traffic not going to where it was supposed to. This is what we know: Starting at 2018-11-12 21:12 UTC Nigerian ISP AS37282 'MainOne Cable Company' leaked 212... Read more...
Researchers from Radboud University in the Netherlands have announced a flaw that affects some SSDs that feature hardware-based security; the flaw could allow an attacker to completely bypass disk encryption. Bypassing the encryption would give the hackers full access to the local data without having to know the password for the disk. The researchers are clear that the flaw only affects certain SSD models that have hardware-based encryption. SSDs with hardware-based encryption have specific chips inside that handle the task of encrypting and decrypting data. The vulnerabilities that researchers... Read more...
Facebook is the most popular social network out there, and seemingly the one with the most privacy issues. Last month a data breach impacted as many as 90 million user accounts with Facebook eventually claiming about 30 million accounts had been affected. Another security breach was announced in September with that breach affecting over 50 million users; a tool was offered to allow Facebook users to determine if their account was hacked. A new report has now surfaced that claims the private messages from 81,000 hacked Facebook accounts are for sale. Word of the hack surfaced from the perpetrators... Read more...
Apple recently began pushing out a new update to its mobile operating system, iOS version 12.1, and unfortunately it comes with a bug that allows an attacker to access an iPhone's full contact information without ever having to enter a passcode. It's a rather simple exploit that doesn't require any programming experience. All it does require is physical access to the phone that is being targeted. The exploit is rather simple—an attacker just needs to initiate a phone call and then switch to FaceTime as soon as it connects. From there, they can go to the bottom of the screen and select "Add... Read more...
It's not common to find free software that appears to be as feature-rich and capable as the commercial competition, but where Windows Defender is concerned, it's arguably one of the best free antivirus and anti-malware solutions out there. Many have come to trust it so much, that they don't even run an additional anti-virus solution, and Microsoft takes that responsibility seriously by constantly iterating on the software's capabilities. In a brand-new Windows Insider build, a massive overhaul of Defender can be found. After years of figuring out the best direction to take Defender, Microsoft decided... Read more...
Android users know that not all devices receive the security updates that Google puts out in a timely manner. Slow updates are especially common when the devices start to age or when devices aren’t that popular, and the manufacturer moves on to the next greatest thing. Google contracts have leaked that show it is now forcing Android device makers to guarantee security updates are offered for the smartphone no matter if it's a cheap low-end device, a mid-range smartphone like the recently unveiled Samsung Galaxy A9, or a high-end device like the Galaxy Note 9. Under the Google contract, all... Read more...
With the new EU laws in place regarding personal data use, more and more major tech firms are giving users outside Europe the ability to see what personal data is being collected about them and what that data is used for. Apple recently made changes to its privacy page giving users in the U.S. access to the same tools that users in the EU have access to for seeing what data is used. Google has now announced that it is making it easier for users to understand and control their data from directly within its products. Google rolled out the first step for privacy and security earlier this year when... Read more...
It does not seem all that farfetched that one day even your toaster will connect to the web and download crusty designs to sear into your bread. We have entered the Internet of Things (IoT) era. The focus on IoT devices can lead to some fun and interesting things (and of course useful), but also comes with added risk. To that end, security researchers warn of newly discovered vulnerabilities affecting one of the most popular IoT platforms out there. That platform is FreeRTOS, which is widely used in a range of IoT and embedded devices. FreeRTOS is a real-time operating system kernel with a small... Read more...
One aspect of smartphones that largely gets overlooked is security. For many consumers, the technical details surrounding stronger encryption just isn't as interesting as advancements in camera technology and other prominent features. For those who do care to know more, however, Google wrote a blog post describing its Titan M chip that is the backbone of security for its recently launched Pixel 3 and Pixel 3 XL handsets. "Last year on Pixel 2, we also included a dedicated tamper-resistant hardware security module to protect your lock screen and strengthen disk encryption. This year, with Pixel... Read more...
Privacy is a very big deal for millions of people around the world who use mobile devices and social media. The challenge for many people is knowing exactly what data social networks and devices are collecting from you. Apple is trying to make it easier for users of its devices to see what is being gathered and stored, and to facilitate that sharing of information the privacy page has been revamped in the U.S. The verbiage on the page hasn’t changed from what was there before; Apple still says that it sees privacy as a "fundamental human right." The big change comes in the expansion of the... Read more...
Being security conscious has always been important, but in recent years, it's become downright imperative. Hacks and leaks are happening at an alarming rate, which means we all need to be more cognizant about our digital security every day. When an incident does end up taking place, we also need to be on top of things, enacting recovery plans and swift damage control efforts. At the very least, it means a password change for the affected service would be in order. However, there are other steps you'll want to consider for social networking services like Facebook that stores a massive amount of... Read more...
At least for the time being, it looks like the mad rush to buy graphics cards for cryptocurrency mining and leave gamers with overpriced options is in the rear view mirror. That doesn't mean cryptocurrency mining doesn't still present an annoyance in some sectors, though. Security researchers warn that cryptocurrency malware is currently hiding in a fake Adobe Flash update that is making the rounds. Adobe Flash can't disappear fast enough. In the meantime, it continues to present security issues, sometimes directly through discovered vulnerabilities, or in this case preying on the vigilance of... Read more...
1 2 3 4 5 Next ... Last