Your WhatsApp chats were vulnerable to attacks for months due to GIF exploit
WhatsApp has patched a critical security loophole that left your private messages and media vulnerable to breaches. The bug allowed attackers to remotely access your phone’s storage and all the files it hosts, including your WhatsApp texts, pictures, videos, GIFs, and audio messages.
Spy technology can ID people through walls based on their … Wi-Fi signals?
The idea of using Wi-Fi signals to identify a person through a wall sounds like something out of a Mission: Impossible movie. In fact, it’s a new piece of research coming out of the University of California, Santa Barbara. Here's how it works and why it could be useful.
Doordash data breach affects 4.9 million people, divulges physical addresses
Doordash has disclosed a data breach that occurred earlier this year and affected a massive 4.9 million people. Compromised information included names, email addresses, and even physical addresses. The data breach occurred in May, and does not affect users who signed up for the service after April 5, 2018.
A hacker terrorized this family through their smart camera and thermostat
A family in Wisconsin came home to a modern-age nightmare: their smart home under the control of a hacker who thought it would be some kind of twisted fun to terrorize them. And they aren't the first. Multiple smart homes have been hacked, and Google says it's because users do not use enough security.
Arlo’s new 2K HDR Pro 3 Security Camera System is coming this week
Today, Arlo Technologies, Inc. announced its latest security camera system, the Arlo Pro 3, that will be available later this week. The new system includes a 160-degree field of view, 2K HDR cameras, two-way audio, integrated spotlight with color night vision, an app and an advanced smart hub.
Apple attacks Google for ‘stoking fear’ over iPhone exploit
Apple has published a blog post defending itself against Google's recent report detailing a massive zero day security flaw that allowed hackers to gain access to messages, photos, emails, and more. According to Apple, despite Google's claims, the flaw was only operational for two months.
Hackers used scarily simple way to take over Twitter CEO Jack Dorsey’s account
Twitter CEO Jack Dorsey's account on the social media platform fell victim to an old hacking method named SIM swapping. The attackers, who call themselves the Chuckling Squad, were able to acquire his phone number, which allowed them to tweet out offensive messages before Twitter took back control.
Google says hackers have been able to access your iPhone data for years
Apple iPhones from iOS 10 to recent versions of iOS 12 were open to having messages, images, and location data stolen by hackers through a web-based exploit, according to Google's external security & research blog.
Microsoft opens Chromium Edge bug bounty program with rewards up to $30,000
Microsoft launched a bug bounty program for the new Chromium Edge browser, with rewards ranging from $1,000 to $30,000. The highest reward tier will be given to the researcher who can find a combination of an Elevation of Privilege flaw and a Windows Defender Application Guard container escape.
1.5% of Chrome users’ passwords are known to be compromised, according to Google
1.5% of passwords used in Chrome are unsafe and have been released in data breaches, according to new information from Google. In February, the Chrome browser introduced a feature that checks whether users' passwords are secure. Now, Google has released eye-opening stats gathered from Password Checkup.
Facebook admits to Messenger Kids security flaw but insists it’s fixed
Facebook has confirmed that it missed a design flaw in its Messenger Kids app that meant children could have communicated with users who hadn’t been parent-approved. The error involved group chats, though Facebook says it has now fixed the issue and contacted those affected.
Norton vs. McAfee: Which Antivirus software is best for your small business?
A competent antivirus solution is the first line of defense against potential hacks or virus attacks, and you need something that works effectively for you. Here's a deep dive into the different options available from McAfee and Norton, and what's best for your firm.
Why are current smart TVs still dumb enough to be hacked?
Our smart TVs are amazing devices, able to stream on-demand music and movies, let us surf the web, and even control our smart home devices. But these features come at the cost of security and many of us don't even know there's a risk. Can our smart TVs be hacked? And if so, what can we do about it?
An unknown number of Sprint customers had their personal info stolen by hackers
Some Sprint users had their information hacked from the Samsung.com “add a line” website, according to a letter Spring sent to impacted customers. Sprint said that they were informed of the unauthorized access on June 22.
Why recent hacks show Apple’s security strength, not its weakness
Apple has a reputation for the security of its systems, so you might think the recent stories about vulnerabilities in its platforms could shake that opinion. But the opposite is true: these breaches amply demonstrate Apple’s security strength.
7-Eleven’s mobile payment app shut down after hackers nab $500K from customers
A mobile payment system launched by 7-Eleven in Japan has been forced to shut down just days after launch after it was targeted by hackers. Poor security measures have been blamed for the mishap, which saw 900 customers lose a total of $500,000 in fraudulent transactions.
Researchers discover a worrying security flaw in Zipato smart home hubs
Recent concerns about smart home security aren't misplaced: A pair of security researchers have discovered a vulnerability in a popular smart home hub that allowed them to unlock connected smart locks with just a single line of code.
Insulin pumps recalled for vulnerability; concerns raised over medical IoT hacks
Medical device company Medtronic is recalling a number of insulin pumps after discovering that they are vulnerable to hacks, and there is no way to patch the security holes. The FDA announced the vulnerability in the MiniMed 508 and Paradigm pumps this week, affecting around 4,000 patients.
The Qualcomm Snapdragon 855 has smart card-equivalent security certification
The Qualcomm Snapdragon 855 is Qualcomm's flagship processor for the year, and it's available in a range of smartphones. Now, the chip is certified with a smart card equivalent security rating, which essentially means that manufacturers may not need to include external security chips in their phones.
Hackers conduct prolonged cyberattack against phone network, says security firm
A security company says a prolonged cyberattack against global phone networks, where hackers have apparently collected data related to phone conversations and even the physical location of the device, has taken place. A hacking group, allegedly also responsible for the Cloud Hopper attacks in 2018, has been blamed.
Security vulnerabilities found in three quarters of mobile apps
Three quarters of Android and iOS apps have security vulnerabilities related to insecure data storage, according to a new report. The insecure storage of data from apps could lead to information like passwords, financial details, personal data, and communications being accessible by hackers.
Another vulnerability found in Dell’s security bloatware, users must update ASAP
It's been a rough week for security issues at Dell. A serious security vulnerability in the company's SupportAssist software was disclosed by cybersecurity firm SafeBreach. Dell swiftly released a patch, so if you have a Dell machine, you should update it straight away.
Israeli company claims it can unlock any iPhone up to iOS 12.3 for police
Israel-based forensics firm Cellebrite claimed that its UFED Premium service can unlock iPhones and iPads up to iOS 12.3 and high-end Android smartphones such as the Samsung Galaxy S9. The device will be sold as an on-premises tool, which means that the police will be able to use it any way they want.
NSA warns about Windows exploit, ignores its own role in creation of malware
In a rare occurrence, the National Security Agency (NSA) has published a statement urging people to update their older Windows systems to protect against the BlueKeep vulnerability. The NSA does not typically comment on cybersecurity vulnerabilities in commercial products.
Apple’s new sign-in feature brings a secure way to log in to your iOS 13 apps
Apple is reducing the friction of signing into your favorite app by giving developers access to the company's new sign-in button. Like similar buttons that allow you to sign in with your Google or Facebook accounts, Apple's button makes it easy to log in, but comes with added security and privacy benefits.
Millions of real estate records were publicly accessible due to lax security
A major financial services company, First American Corporation, has left millions of records publicly accessible on its servers. The data included bank account details, bank statements, mortgage records, driver's license images, and Social Security numbers, and was accessible without authorization.
Tor Browser for Android helps you bid goodbye to pesky trackers and advertisers
Staying anonymous online can be tough to achieve, and advertisers and other trackers are constantly following you, trying to grab information on what you're looking at and searching for. Well, not any more. If you want to give trackers and advertisers the boot, download the Tor Browser for Android.
Zombieload forces a choice between performance and security. What will you do?
Intel has handled the recent discovery of a new security vulnerability in its processors with confidence, a stark contrast to its reaction to Spectre and Meltdown from 2018. But with ZombieLoad, the newest iteration of this nasty flaw, we're left with a choice between performance and security.
ZombieLoad is Meltdown resurrected. Here’s how to secure your PC right now
Researchers have discovered four new distinct ways of attacking a computer powered by Intel processors that will leave personal data vulnerable and exposed. Similar to last year's Meltdown and Spectre flaws, the new flaw, dubbed MDS, allows an attacker access to data in the chip's buffer zone.
Twitter sorry for mistakenly storing and sharing some users’ location data
Twitter has revealed that a bug led to it accidentally storing and sharing location data for a number of iOS users. The issue, which has now been fixed, affected those operating more than one Twitter account from the app. The company apologized for the blunder and said it’s contacting those impacted by it.
Update WhatsApp! Sophisticated attack installs spyware with just a call
A WhatsApp vulnerability left Android and iOS devices open to attack from sophisticated surveillance software. The Facebook-owned company said it hasn't yet been able to determine how many people were impacted, and told users to ensure they're running the latest version of the app.
Google I/O: Android Q aims to bring app permissions firmly under control
We've all been there -- an app is asking for permission to access your SMS history, and you're extremely suspicious as to why. Google wants to put an end to permission anxiety in Android Q, and is introducing new permission controls that put you in control of your device's permissions.
Election data is vulnerable. Microsoft’s open source software aims to fix that
Microsoft has a pair of new technologies that it hopes will make the next elections in the United States and abroad far more secure from outside meddling. They help secure important campaign data and could help create a new-generation of secure voting systems to better validate election results.
British telecoms company Vodafone found backdoors in Huawei equipment
The British telecoms giant Vodafone has disclosed that it found potential backdoors in Huawei equipment used in its telecoms systems multiple times in multiple years. This will fuel fears from many that the Chinese company isn't to be trusted, but it seems Vodafone still backs Huawei.