Items tagged with security

The big news in security (or lack thereof) recently has been the Meltdown and Spectre issues that have plagued Intel, AMD, and Apple. Those aren’t the only security issues that computer users are facing. Security research firm F-Secure has found a new security flaw that it says affects Intel Active Management Technology or AMT. AMT is an Intel proprietary solution that allows remote access or monitoring and management of personal computers in a corporate setting. The tech was meant to allow IT departments in these large organizations or managed service providers to control fleets of computers.... Read more...
Skype has announced something that some users have wanted for a long time: end-to-end encryption for conversations. Skype Insiders can preview the new encryption feature right now, and it's called Private Conversations. With these conversations, end-to-end encryption for audio calls, text messages, images, audio files, and videos are now supported.  Private Conversations uses industry standard Signal Protocol by Open Whisper Systems. When you participate in one of the private sessions, that chat is hidden in notifications to keep what you share private. Microsoft's Ellen Kilbourne wrote, "Give... Read more...
WhatsApp is a communications tool that is used by people all around the world to stay connected for personal and business use. The big draw to the app for many is that it has an encrypted group chat feature, so you don’t need to worry that someone is listening in on what you are saying. However, security researchers have recently found a flaw with the app that could leave those encrypted group chats vulnerable to eavesdroppers. The security researchers do point out that the risk associated with the flaw is limited, because the hackers need to have access to WhatsApp servers to insert themselves... Read more...
The Wi-Fi Alliance has announced that it has added new enhancements and features to WPA (Wi-Fi Protected Access) that will make the feature more secure. The new features include configuration, authentication, and encryption enhancements across the portfolio to ensure that Wi-Fi Certified devices are using state of the art security protections. The Wi-Fi Alliance wrote, “WPA2 provides reliable security used in billions of Wi-Fi devices every day, and will continue to be deployed in Wi-Fi CERTIFIED devices for the foreseeable future. Wi-Fi Alliance will continue enhancing WPA2 to ensure it... Read more...
Chip-level bugs Meltdown and Spectre continue to land chip-maker Intel in hot water. What do you do when every single chip you’ve produced since 1995 is now facing two of the most pervasive bugs your company has possibly ever experienced? Linux creator Linus Torvald brazenly suggests, honesty and complete candid admission of the real issues and solutions at hand, are the only true ways for Intel to navigate this PR and logistics nightmare. Earlier in the week, it was discovered that the two flaws exist in the company's chips dating back a decade or more. Intel has since been scrambling to... Read more...
Security researchers this week dropped a bombshell on pretty much everyone who owns a computer, saying there are inherent flaws in modern processors that could allow an attacker to access sensitive information, including passwords and other contents stored in what's supposed to be protected memory. At first it was reported that only Intel processors were affected, but later analysis has revealed that AMD and ARM chips are flawed as well. It's a stinky situation, right? Well, yes, it certainly is. But it doesn't have to be dire. To quickly rehash, the flaws have been dubbed Meltdown and Spectre.... Read more...
The tech industry is still trying to recover from the fallout surrounding the Meltdown and Spectre vulnerabilities that were disclosed this week. Intel, AMD, Apple, Microsoft, ARM, and other key players in the hardware and software arena have been working for months in secret to patch the exploits, but keen investigative reporting forced the companies to show their hand over the past 48 hours. For its part, Intel says that it is well along in deploying updates to address Meltdown and Spectre exploits that affect its processors. Intel has been working with hardware partners to deliver both firmware... Read more...
Malware writes are a shifty bunch. If anyone needs further proof of that, Symantec has it, in the form of a warning over a new Android "Fakeapp" malware variant that spoofs Uber, the popular ridesharing service, to cover its tracks. While it may look innocent, the Fakeapp malware pulls its usual dirty tricks, including the theft of personal and sensitive information such as credit card details. "The Fakeapp variant we found had a spoofed Uber application user interface (UI) which pops up on the user’s device screen in regular intervals until the user gets tricked into entering their Uber... Read more...
If you've been following the tech or security news for the past few days, then you no doubt know of a security vulnerability that reportedly affects all Intel processors. OS vendors have been working to mitigate the issue with kernel patches, but those software Band-Aids can come with some performance handicaps as a side effect. Today, we're learning more about what exactly is going on, and that there are not one, but actually two vulnerabilities that have been disclosed. It's bad enough that one of them targets Intel processors, but the second affects ALL modern processors as well -- including... Read more...
Are consumers putting too much trust into smart speakers that a monitor their surroundings and send recorded data over the web? That is a question that was recently posed, drawing a comment from the American Civil Liberties Union (ACLU) calling digital assistants and other IoT devices a "triple threat to privacy." Now just a few weeks later, security outfit Trend Micro is putting the call out for better security in IoT devices. Trend Micro set out to see just how safe and secure (or not secure, really) today's IoT devices are, and to what extent an attacker can manipulate these gadgets. In one... Read more...
Fingerprint analyzing software used by the Federal Bureau of Investigation and more than 18,000 other law enforcement agencies in the United States might contain Russian code. The apparent finding comes at a time of heightened security concerns over international spying efforts—just three months ago, the Department of Homeland Security banned all federal agencies from using Kaspersky's security products due to reports of Russian hacking. Image Source: Flickr via Alan Levine Regarding the fingerprint analysis software, a French company injected the Russian code into the program, according... Read more...
NSA whisteblower Edward Snowden has built a security app for Android phones that is mostly geared towards investigative journalists, human rights defenders, and people at risk of being kidnapped or even killed, though anyone with a mind towards security can use it. The app is called Haven, and it leverages the cameras, microphone, and various sensors on a phone to become a portable surveillance device. "Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy. It is an Android application that leverages on-device sensors to provide... Read more...
Imagine locking your front door with a strip of tape. Not even duct tape, mind you, but Scotch tape or an easily tearable strip of masking tape. That would be pretty foolish, right? We don't know of anyone who does that, but astonishingly, the most commonly used passwords to protect online accounts are just as weak. Security outfit SplashData complied a list of the 25 most prevalent passwords of 2017, and topping the list is "123456." That one has been a go-to password for several years now. One of the newer entries, however, is "starwars," which isn't all that surprising given the buzz around... Read more...
We are only months removed from the massive WannaCry cyberattack that hit hundreds of thousands of computers in over 150 countries, crippling some hospitals in the United Kingdom. WannaCry became an overnight global scare after spreading far and wide within the first few hours. Up until now, it was not clear where exactly the worm originated. According to the Trump administration, North Korea is to blame, just as security outfit Symantec suspected months ago. In an op-ed piece published in The Wall Street Journal, homeland security adviser Thomas P. Bossert publicly attributed the massive WannaCry... Read more...
1 2 3 4 5 Next ... Last