Security news that informs and inspires

All Articles

2376 articles:

Kazakhstan HTTPS Interception a ‘Dangerously Misguided Policy’

The Kazakhstan government's efforts to intercept HTTPS connections and eavesdrop on secure traffic is a dangerous policy, experts say.

Privacy

Government Targets Encrypted Messaging Apps in Going Dark Argument

Law enforcement officials and lawmakers asking the technology industry to provide backdoors into encryption products is not anything new, but U.S. Attorney General William Barr did something past officials hadn't done before: Barr specified that the backdoors and workarounds should be in encrypted messaging apps.

Government, Encryption, End to End Encryption

Equifax Settles Data Breach Lawsuits

Equifax settled the various lawsuits from federal and state regulators and consumers related to its 2017 data breach for up to $700 million. Hefty price tag not withstanding, the data for 147-million victims is still out there and there's not much consumers can do about it.

Data Breaches, Finance, Government

Slack Reveals New Details on 2015 Compromise

Four years after an intrusion, Slack has discovered new details about the incident and moved to reseat many users' passwords.

Data Breaches, Passwords

Microsoft Warns Political Orgs of Attacks

There has been a lot of discussion about protecting voting systems so that ballots can’t be changed or manipulated over the past two years, but the attacks Microsoft warned about are not related to the voting process.

Microsoft, Government

Privacy Badger Starts Blocking Google Analytics

The EFF's Privacy Badger browser extension is now blocking Google Analytics through a change to detect cookie sharing.

Privacy

Persistent Cookies Can Prove Troublesome for AWS

A researcher found that some AWS authentication cookies remain valid for up to 12 hours even after a user has changed the password and logged out.

2fa, Cloud

Deciphering Spy Game

Zoe Lindsey, Dennis Fisher and Pete Baker break down the espionage classic Spy Game.

Podcast, Hacker Movies

Moody’s Says Regulation Would Benefit Gas Pipeline Operators

Credit rating agency Moody's weighed in on the security of natural gas pipeline operators, urging that mandatory cybersecurity standards would harden the sector against potential attacks.

Critical Infrastructure Security, Regulation

Privacy Group Asks FTC to Investigate Zoom

EPIC, a privacy rights organization, has filed a complaint asking the FTC to look into Zoom's actions after the disclosure of several vulnerabilities in its Mac client.

Privacy

Mayors Pledge No More Ransom Payments

The United States Conference of Mayors unanimously agreed to not pay any more ransoms following ransomware attacks against municipal networks.

Ransomware, Data Breaches, Disaster Recovery, Backup and Restore

Apple Removes Zoom Web Server From Macs

Zoom executives promise to improve their security response process as Apple pushes a silent update to remove the Zoom web server from Macs.

Apple, Vulnerability

GDPR Impact Lies in Big Fines, Process Changes

While European regulators are showing they are serious about the new privacy and data security regulations as they slap hefty fines against Marriott and British Airways for not properly safeguarding consumer data, fines aren’t the only way GDPR has changed how organizations view online privacy and data security.

Data Privacy, Regulation, General Data Protection Regulation

Zoom Bug Allowed Access to Mac Webcam

A vulnerability in the Zoom client for Macs allowed an attacker to force a victim join a meeting with video enabled.

Vulnerability

iMessage Flaw Can Brick iPhones

A bug in iOS can allow an attacker to brick an iPhone by sending one malicious iMessage.

Ios, Apple