British telecoms company Vodafone found backdoors in Huawei equipment
The British telecoms giant Vodafone has disclosed that it found potential backdoors in Huawei equipment used in its telecoms systems multiple times in multiple years. This will fuel fears from many that the Chinese company isn't to be trusted, but it seems Vodafone still backs Huawei.
Can new laws protect you from smart home security breaches?
Smart home devices might be convenient, but they also can put users at risk when a data breach occurs. To help combat those situations, state and federal lawmakers are exploring ways to protect consumers. California, Oregon, and members of the U.S. Senate all have proposals to protect people's data.
Former student uses USB Killer device to fry $58,000 worth of college’s PCs
A former student of the College of Saint Rose was charged with destroying more than $58,000 of computer equipment with a USB Killer device. The former student, an Indian national on a student visa in the U.S., entered a guilty plea and sentencing is scheduled for August.
Microsoft says hackers were able to view Outlook.com emails
Microsoft's Outlook.com email platform saw a massive breach that caused confidential data to be accessed by hackers for months due to leaked customer support login information. Now, it appears the problem might have been much worse than initially thought, and worse than Microsoft admitted.
Internet Explorer zero-day exploit makes files vulnerable to hacks on Windows PCs
There’s a Internet Explorer zero-day exploit capable of letting hackers steal your Windows PC’s files. A security researcher has published evidence of the zero-day exploit online and claims that Microsoft was aware of the vulnerability but opted not to patch it when notified by the researcher.
Apple may take Face ID to the next level, scan retinas for increased security
Apple might take Face ID to the next level in an upcoming device update as new patent filings with the European Patent Office show the company exploring retina scanning. Face ID is already extremely secure, but retina scanning might bring an additional layer of enhanced security to the platform.
Browse safely and securely with Opera’s unlimited VPN on Android
The internet is the new Wild West, and it's best to be protected while you're out there, even on your phone. Opera has added a new VPN to its Android browser, offering an easy way to keep your privacy and data locked up solid, and with no limits on usage or cost, you can keep it on all the time.
Smart home devices are causing more security risks for businesses
Smart home devices aren't just for the home. Businesses are adopting the products, too. Security firm Trend Micro warns each new internet-connected device added, from smart speakers to thermostats and security systems, adds a new potential target for attackers if the devices aren't secured properly.
Microsoft Security reports a massive increase in malicious phishing scams
Microsoft's most recent Security Intelligence Report has found phishing scams on the rise by up to 250 percent. Despite the advent of machine learning to fight such scams, phishing attacks are becoming more complex and remain a security threat to both individuals users and large enterprise organizations.
Apple MacOS hit with yet another critical system security issue
Apple, a company normally held in high stature for its software's security, hasn't had quite a smooth journey over the last few months. Now, the Project Zero team at Google has discovered a severe flaw within the MacOS kernel that could allow data to be manipulated without completely notifying the OS.
Check your ports! Researchers find scary vulnerability in Thunderbolt accessories
Researchers revealed that hackers can target your Mac or PC in a hardware hack by plugging a malicious peripheral into the Thunderbolt port. When the the compromised accessory is attached, hackers can run malicious code to steal your data. As a result, users are advised to stay away from untrusted accessories.
Potentially malicious WinRAR vulnerability patched after almost 20 years
WinRAR, a popular piece of Windows software for managing archival formats, has been harboring a nasty vulnerability for nearly two decades, potentially allowing malicious software to insert items into a computer's startup folder without any needed user permission. Now, it has been patched at a cost.
Consumer groups call out retailers in a bid for better IoT security
Consumer groups posted a "Dear retailer" letter on February 12 that called out Walmart, Best Buy, Amazon, and Target, shaming the companies for selling insecure smart home devices. The letter demands manufacturers implement a minimum standard of security for all IoT devices.
Arlo pulls its 4K security camera from shelves to fix glaring problems
In the wake of early user complaints, Arlo has pulled its 4K home security camera, the Arlo Ultra, from store shelves. Arlo plans to address battery life, connectivity, and streaming problems and re-release the camera when it can ensure reliability and customer satisfaction.
Amid security breaches, Nest urges customers to use stronger passwords
Hackers logged into Nest customers' accounts and spied on them in their own home, and the company's official response is for customers to use stronger passwords and enable two-factor authentication. Even if you haven't been affected by these incidents, it's a good idea to enable two-factor authentication.
Hacker discovers a MacOS exploit that is able to access system passwords
A new exploit for MacOS, known as KeySteal, was discovered by security researcher Linus Henze. The hack can extract passwords and other information from MacOS' Keychain without requiring any form of permission or administrator authentication. As of now, all MacOS systems are vulnerable to the attack.
Latest ransomware targets gamers with a malicious sophistication
The latest malicious piece of ransomware, Anatova, has been discovered by the security team at McAfee, lurking on a peer-to-peer file sharing network. Employing a smart tactic to confuse users and able to clean its tracks as it evolves, this is one tough piece of ransomware that needs to be solved.
How to use iOS 12’s Passwords and Accounts tool to autofill passwords
Keeping track of all your passwords and accounts can be a real chore, especially when you're told you should have a unique password for every site. Who has the brain power to remember all those? If you use an iPhone with iOS 12, then you don't have to keep track. Here's how to use iOS 12's own password manager.
Twitter suffers privacy scare as bug reveals tweets of protected accounts
If you set your Twitter account to private and you have an Android device, you'd better check your privacy settings now. Twitter says it's just fixed a four-year-old bug that flipped the privacy switch to make the account public, though it couldn't say how many users had been affected.
Data breach compromises 773 million records, 21 million passwords
Security researcher Troy Hunt was alerted to a massive collection of breached data that included more than 773 million compromised records. After digging deeper, the breach, now known as Collection No. 1, contains more than 21 million unique passwords and over 772 million email addresses.
Biometric phone unlocks can’t be forced by feds, says U.S. judge
Fingerprint and face unlocks used to not be protected by the Fifth Amendment, but that may be about to change. A judge in California has ruled biometric unlocking methods of all kinds are protected in the same way as passcodes, which could eventually mean a change in wider law to protect user security.
‘Fortnite’ security flaw let hackers spy on players through microphones
A security vulnerability found in Fortnite allowed hackers to gain access to other players' accounts, potentially letting them spy on conversations from in-game microphone chatter. The flaw has since been fixed, according to Epic Games, but was possible by clicking on malicious links.
Motiv smart ring can use your walking pattern to unlock online accounts
Remember Motiv's activity tracking smart ring? It's back with a raft of new security features that adds biometric identification and token authentication onto your finger. With support for password-free logins, two-factor authentication, and even gait-analyzing WalkID, here's what you need to know.
Forget security cameras — this drone will watch over your house from the skies
Sunflower Labs' innovative smart security system involves a series of outdoor sensors, capable of dispatching an autonomous camera drone to check up on any unusual disturbances. It sounds pretty wild -- and it's on display at CES 2019 for anyone who wants to go check it out.
Arlo expands smart home security lineup with slew of products at CES 2019
Arlo has been upgrading its line of smart home security devices all year, and it's coming to CES 2019 prepared to continue that trend. The security company is showing off the Arlo Ultra 4K security camera, a SmartHub, and a collection of tools including a multi-sensor, siren, and remote.
Today, hacks are annoying. In future smart cities, they could kill
Corporate security breaches are becoming so common that people now accept them as part of a digital future. But for smart cities, system hacks could prove far dangerous for citizens, potentially causing havoc to municipality services. Here’s what companies and cities are doing to secure their systems.
Windows 10 to allow users to pause updates for up to seven days
Windows 10 updates have been a source of consternation, with updates inadvertently deleting files and users being unknowingly opted into beta software testing. But now there is some good news on the horizon for frustrated Windows 10 users, as updates will no longer happen automatically and can be paused.
USB-C to become more secure, fight malicious devices with authentication system
Computers and electronic devices with USB-C ports may have less to fear in the future as the USB Implementers Forum and DigiCert introduces a new security system for the standard. Devices may no longer need to live in fear of malicious flash drives or defective power chargers.
Malware attack delays newspaper deliveries across the country
Last weekend’s newspaper deliveries were late across the country because of a malware attack affecting the Los Angeles Times and other news outlets. The attack infected news production and publishing systems and made it difficult for a number of newspapers to submit their pages to be printed on time.
NYC police to use camera drones for security at Times Square NYE party
For the first time, New York City police will use drones to keep an eye on Times Square for the NYE party, which is expected to attract as many as two million attendees. The drones will be used in addition to traditional anti-terrorism tools like police airplanes and helicopters.
EU to offer bug bounties for finding security flaws in open-source software
The EU will be launching a bug bounty program as part of their Free and Open Source Software Audit project, focused on security issues with open-source software. Bug bounties are a way for companies to check the security of their software by offering cash to freelancers who hunt for security exploits.
Samsung’s Remote Access feature will connect its smart TVs to PCs, phones, more
Samsung announced that it will be introducing a brand new feature for smart TVs in 2019: Remote Access. The feature will use wireless connectivity to allow smart TVs to connect to PCs, tablets, and smartphones and will allow users to remotely control programs or apps from their Samsung TV.
No vein, no gain: Wax hand beats the latest vein-recognition systems
Forget Face ID, the next frontier of biometric security tech could involve reading your vein prints. Or could it? This week, a team of security researchers showcased how the latest vein-reading security systems can be fooled by a fake wax hand containing printed vein details.
Hackers find a way to bypass Gmail two-factor authentication
Two-factor authentication might be a great way to protect your online accounts, but it isn't foolproof. A new report by Amnesty International has found that hackers have begun using full automated tools to not only phish a user's password but their two-factor authentication code as well in the process.