Items tagged with security

NordVPN, widely regarded as one of the best virtual private network (VPN) services, confirmed one of its datacenters was hacked. The security breach occurred over a year ago, in March 2018, though is just now being disclosed to users. Apparently NordVPN used the time between then and now to audit its infrastructure and make sure its operations were secure. Security breaches are always unfortunate, and some might find them especially concerning when they happen to a VPN provider. VPNs are supposed to afford users anonymity on the web. Of course, nothing that happens online is every truly anonymous, though VPNs operate by routing Internet traffic through an alternate, encrypted route. This makes... Read more...
Our homes are increasingly becoming "smarter" with deices like smart speakers, connected light switches, and security cameras that can monitor every inch of your premises. Arlo is looking to give customers a little more piece of mind with home (and package) security with the release of the Arlo Video Doorbell.  The Video Doorbell has a unique 1:1 aspect ratio (1536x1536 resolution), which Arlo says is optimized for "front entry view" of your porch. Arlo says that this arrangement not only allows you to see people that come to your front door, but also packages that are left by couriers (or "head to toe coverage" as Arlo puts it).  The camera on the doorbell also offers a 180-degree... Read more...
Using a screen protector is a common way to help prevent smartphone displays from getting scratched, scuffed, or even shattered. On the Galaxy S10 series, however, it's been discovered that a screen protector can inadvertently prevent the in-display fingerprint sensor from working correctly. The issue was brought to light by Lisa and Wes Neilson, a couple living in the UK. Lisa had purchased an inexpensive screen protector on eBay, applied it to her Galaxy S10, and set up the phone to unlock using her right thumb. But after do so, Wes found he was also able to unlock her phone with either of his thumbs, even though he never registered a fingerprint on the phone. "This means that if anyone got... Read more...
In most instances, if someone gains unauthorized access to your bank account, it is not a good thing. The best case scenario is your bank flags and blocks suspicious transactions and transfers. Or is that the best possible outcome? For Tim Cameron, a 30-year-old UK resident who lost his wallet, having his bank account subsequently hacked was a clever and kind gesture by the person who found it. How can that be? This was not a typical hack in any sense of the word. The good Samaritan who found the wallet made a series of unauthorized £0.01 deposits into Cameron's account, each with a message attached. Deposits at Cameron's bank can contain up to 18 characters, and the person who found the... Read more...
At the CS3sthlm security conference in Stockholm, Sweden later this month, security researcher Monta Elkins, the "Hacker-in-Chief" at FoxGuard Solutions, will demonstrate a proof-of-concept hardware hack involving spy chips implanted onto enterprise IT equipment, with a budget of less than $200. The idea of implanting spy chips onto hardware is not new. Back in 2018, an explosive Bloomberg Businessweek article claimed Chinese spies had installed malicious microchips the size of a grain of rice on Supermicro hardware at the supply chain level, creating a "stealth doorway into any network that included the altered machines." This was concerning because (A) of how difficult it would be to detect... Read more...
Security researchers at Kaspersky have identified a new strain of malware affecting Chrome and Firefox browsers. The researchers say the malware's authors "put a lot of effort" into how it manipulates digital certificates and mucks with outbound TLS traffic, which ultimate compromises encrypted communications. "Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capabilities that few other actors in the world have," Kaspersky says. The malware allows an attacker to wreak havoc on a victim's PC remotely.... Read more...
The 2020 United States presidential election is over a year away, but there have already been several cyberattack attempts against presidential campaigns. Microsoft recently reported that a hacker group attacked nearly 250 accounts related to campaign workers, government officials, and reporters. The affected users have been notified and Microsoft has published information about the attack as a warning for others. The Microsoft Threat Intelligence Center (MSTIC) noted that an Iranian hacker group referred to as “Phosphorus” attempted to identify the owners of more than 2,700 accounts. The hackers then attacked 241 of these accounts and successfully compromised four of them. The accounts... Read more...
Microsoft tends to stick to its traditional patch schedule (Patch Tuesday), and only rolls out an out-of-band update when there are serious issues for some Windows users or big security problems that need to be addressed. Microsoft's latest out-of-band cumulative update has been released for several versions of Windows 10, including the May 2019 Update (version 1903). This particular update is a required security update that "expands the out-of-band update dated September 23rd, 2019." The update also brings with it mitigation for the Internet Explorer scripting engine security vulnerability (CVE-2019-1367). Microsoft notes that the security update includes quality improvements and calls out key... Read more...
A dangerous zero-day vulnerability affecting at least a dozen different Android phone models is being actively exploited in the wild, according to Google's Project Zero team. Attackers who leverage the security flaw are able to gain full control of an affected Android phone. As of right now, no patch for the vulnerability exists (though one is being worked on). Google's own first- and second-generation Pixel phones are among the Android models affected by this. So are a spattering of Samsung Galaxy phones. So far, Project Zero has confirmed the issue affects the following models... Pixel and Pixel XL Pixel 2 and Pixel 2 XL Huawei P20 Xiaomi Redmi 5A Xiaomi Redmi Note 5 Xiaomi A1 Oppo A3 Moto... Read more...
Enabling two-factor authentication (2FA) wherever possible is generally recommended—it helps keeps the hackers at bay, even if your password has been compromised. Better security is a reward in and of itself. Electronic Arts is taking things a step further, though, by gifting a free month of Origin Access who lock down their EA accounts with 2FA. The publisher calls this "Login Verification," but it's the same as any typical 2FA scenario—when you log into your account, EA will send a unique code to your preferred email address, or via text message to your mobile device. You can also opt to receive an automated phone call. Whatever the case might be, that additional step is required... Read more...
Wondering if any of your passwords have been compromised in a data breach? Google is making it easier to quicker to find out the answer to broadening the reach of its Password Checkup tool. Once a standalone extension to the Chrome browser, the handy tool is now integrated into the built-in password manager for your Google account. This is partially an effort to combat the use of weak passwords. As Google accurately points, people have a tendency to use the same password for multiple sites and services, or sometimes add numbers, characters, and punctuation to a core password in order to make the slightly different ones easier to remember. The password manager that is built into your Google account... Read more...
Google has launched another (Go edition) version of Android for entry-level smartphones, built on top of Android 10. It's the second release of a (Go edition) build, and is "faster and more secure" than the previous release that was built on top of Android 9 Pie, Google claims. Part of that claim is tied to a new encryption scheme. Android (Go edition) is not an entirely separate OS—it's a platform designed for smartphones with 1.5GB of memory or less. It features optimizations tailored for lower end handsets to ensure a "high quality" experience without necessitating burlier (and more expensive) hardware. This is part of an broader effort to make lower cost handsets feasible. "In the last... Read more...
On the same day Apple released an incremental update to iOS 13, the company also issued a notice warning millions of iPhone and iPad users of a security issue that has not yet been resolved. The issue affects third-party keyboard apps in iOS 13 and iOS 13.1, on iPhone, iPad, and iPad touch devices. "Third-party keyboard extensions in iOS can be designed to run entirely standalone, without access to external services, or they can request “full access” to provide additional features through network access. Apple has discovered a bug in iOS 13 and iPadOS that can result in keyboard extensions being granted full access even if you haven't approved this access," Apple says. Fortunately,... Read more...
Do you remember the Facebook Phone, aka the HTC First? That device crashed and burned in spectacular fashion. What about the Facebook Portal? That smart display family launched last year in sizes up to 15.6-inches, but it hasn't exactly won over the consumer market like competing entries from Amazon (Echo Show) and Google (Nest Home Hub Max). Facebook is now trying again to prod consumers into buying its first-party hardware, which brings us to the Portal TV and some other new Portal hardware. The Portal TV looks somewhat like a reincarnation of the unloved Microsoft Kinect camera for the original Xbox One. The device plugs into a free HDMI port on your television and allows you to partake... Read more...
1 2 3 4 5 Next ... Last