Android 10: Google Confirms 193 Security Vulnerabilities Need Fixing

Android 10: Google Confirms 193 Security Vulnerabilities Need Fixing

It was also time to address a total of 193 Android security vulnerabilities that Google has confirmed need fixing with the Android 10 release.True to her word, a whole host of new security and privacy features are indeed included as part of the Android 10 release.

A Third of Known Computer Security Flaws Have No Solution

A Third of Known Computer Security Flaws Have No Solution

In the first half of 2019, analysts at computer security firm Risk Based Security (RBS) enumerated a total of 11,092 flaws in computer systems (known as vulnerabilities) that could be exploited by a hacker to take unauthorized actions in another person’s or organization’s system.

Don't Renew Section 215 Indefinitely

Don't Renew Section 215 Indefinitely

That’s despite earlier reports the NSA had shuttered its Call Details Record (CDR) Program because it ran afoul of the law, violated the privacy of scores of Americans, and reportedly failed to produce useful intelligence.

Millions using 123456 as password, security study finds

Millions using 123456 as password, security study finds

Image copyright AFP Image caption Liverpool FC topped the list of Premier League club names used as passwords Millions of people are using easy-to-guess passwords on sensitive accounts, suggests a study.

Ring asks police not to tell public how its law enforcement backend works

Ring asks police not to tell public how its law enforcement backend works

Amazon writes scripts for cops to sling Ring home cameras, report says Law enforcement has access to a companion portal that allows police to see an approximate map of active Ring cameras in a given area and request footage from them in the course of an investigation.

Google and Mozilla move to stop Kazakhstan 'snooping'

Google and Mozilla move to stop Kazakhstan 'snooping'

It comes after reports internet services providers in the country have required people to install a government-issued certificate on all devices and in every browser.

First half 2019 sees 4,000 data breaches exposing 4B records

First half 2019 sees 4,000 data breaches exposing 4B records

The 2019 MidYear QuickView Data Breach Report by Risk Based Security found that there were 3,816 data breaches during the first six months of the year, up 54 percent, resulting in 4.1 billion records being compromised, up 52 percent.

Popular Porn Site Breach Exposed 1.2 Million 'Anonymous' User Profiles

Popular Porn Site Breach Exposed 1.2 Million 'Anonymous' User Profiles

Researchers from vpnMentor have discovered a data breach at the popular Luscious porn site that exposed the personal profiles of 1.2 million supposedly anonymous users.

Apple accidentally reopens security flaw in latest iOS version

Apple accidentally reopens security flaw in latest iOS version

Stefan Esser, an iPhone security expert, tweeted an additional warning: “I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what apps they download from the Apple AppStore.

Microchipping your employees will always be dehumanizing — and pointless

Microchipping your employees will always be dehumanizing — and pointless

But it’s absurd to think that the “human-embedded option,” which is basically a code (private key) embedded in an RFID chip, the same one you use to access your gym, is the wave of the future.

Why You Should Never Borrow Someone Else's Charging Cable

Why You Should Never Borrow Someone Else's Charging Cable

For the moment, Henderson says, a bigger threat than malicious charging cables is USB charging stations you see in public places like airports.Many travelers know that, in a pinch, the hotel front desk will often have a drawer of charging cables that were left behind by guests.

Cybersecurity Protections for SMBs Found to Be Lacking

Cybersecurity Protections for SMBs Found to Be Lacking

The ransom demand is also likely to be considerably higher than the cost of cybersecurity protections for SMBs to prevent ransomware attacks.

1.5% of Chrome Users' Passwords Are Known to Be Compromised

1.5% of Chrome Users' Passwords Are Known to Be Compromised

1.5% of passwords used in Chrome are unsafe and have been released in data breaches, according to new information from Google.In February, a new feature was introduced to the Google Chrome browser which checks whether users’ passwords are secure.

Sending encrypted data with sound

Sending encrypted data with sound

With this question in mind, let’s take a look at the properties of sound and how industry-standard encryption can be applied to acoustic data transfer to render it secure and safe from the risk of prying ears.

A new clothing line confuses automated license plate readers

A new clothing line confuses automated license plate readers

Garments from Adversarial Fashion feed junk data into surveillance cameras, in an effort to make their databases less effective.In a talk, she explained the that hoodies, shirts, dresses, and skirts trigger automated license plate readers (ALPRs) to inject useless data into systems used to track civilians.

Kaspersky AV injected unique ID that allowed sites to track users, even in incognito mode

Kaspersky AV injected unique ID that allowed sites to track users, even in incognito mode

A case in point: for almost four years, AV products from Kaspersky Lab injected a unique identifier into the HTML of every website a user visited, making it possible for sites to identify people even when using incognito mode or when they switched between Chrome, Firefox, or Edge.

Google Android Adware Warning Issued To 8 Million Play Store Users

Google Android Adware Warning Issued To 8 Million Play Store Users

The Google Play Store hosted 85 apps ridden with adware, which were downloaded by 8 million users.Today is no different: Security researchers at Trend Micro have revealed that the Google Play Store hosted 85 app ridden with adware.

Huge Survey of Firmware Finds No Security Gains in 15 Years

Huge Survey of Firmware Finds No Security Gains in 15 Years

CITL researchers studied publicly available firmware images and evaluated them for the presence of standard security features such as the use of non-executable stacks, Address Space Layout Randomization (ASLR) and stack guards, which prevent buffer overflow attacks.

Alarm as Trump Requests Permanent Reauthorization of NSA Mass Spying Program Exposed by Snowden

Alarm as Trump Requests Permanent Reauthorization of NSA Mass Spying Program Exposed by Snowden

The administration claimed in its letter to Congress—which was signed by outgoing National Intelligence chief Dan Coats—that the NSA has suspended the spying program, but Free Press Action government relations director Sandra Fulton said in a statement that this "should give little comfort to those whose privacy rights are routinely violated by authorities.".

Trump administration reportedly wants to extend NSA phone surveillance program

Trump administration reportedly wants to extend NSA phone surveillance program

Getty Images The Trump administration has reportedly asked Congress to permanently reauthorize all provisions of the USA Freedom Act, including a controversial National Security Agency program that collects and analyzes records on millions of Americans' calls and texts in an attempt to thwart terrorists.

MiFi 4G hotspots are vulnerable to hacking, use a VPN to protect yourself

MiFi 4G hotspots are vulnerable to hacking, use a VPN to protect yourself

A DEFCON 27 talk by Pen Test Partners revealed command injection and remote code execution vulnerabilities in popular 4G hotspots and MiFi routers made by ZTE, Netgear, TP-Link, and Huawei.

Kasper-Spy: Kaspersky Anti-Virus puts users at risk

Kasper-Spy: Kaspersky Anti-Virus puts users at risk

A strange discovery on my office computer led me to unearth an astonishing data leak caused by Kaspersky's antivirus software.The data leak allowed websites to unnoticeably read the individual ID of Kaspersky users.

Major breach found in biometrics system used by banks, UK police and defence firms

Major breach found in biometrics system used by banks, UK police and defence firms

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

Windows Defender ranked one of the best antivirus solutions

Windows Defender ranked one of the best antivirus solutions

In the German independent research institute’s May/June 2019 ‘best antivirus software for Windows Home Users’ report, Windows Defender is one of four products to receive perfect 6 out of 6 scores in the protection, performance, and usability categories.

Hackers have worked out how to exploit security flaws in hook-up apps

Hackers have worked out how to exploit security flaws in hook-up apps

Security experts have issued a warning after three gay hookup apps - including Grindr - and a threesome app were found to expose users' exact locations, just by knowing the publicly available username.

Is America Finally Ready For A Surveillance-Free Smartphone?

Is America Finally Ready For A Surveillance-Free Smartphone?

If you follow the funding strategies for technology companies and the darlings of Silicon Valley, you know the smartphone space is a tough nut to crack.The company exists to serve a core mission—for Purism, the security and privacy of its customers—above a profit motive.

State-sponsored cyber spies targeting IoT - a warning from Microsoft

State-sponsored cyber spies targeting IoT - a warning from Microsoft

Back in April, Microsoft security researchers observed the infamous Russian-backed hacking group STRONTIUM (also known as Fancy Bear or APT28) compromising popular IoT devices (a VOIP phone, an office printer, and a video decoder) across multiple customer locations.

There is more than only black and white in information security and privacy

There is more than only black and white in information security and privacy

When it comes to information security and privacy, some people specialized in spreading black and white thinking.The new filter bubble, inflated by black and white thinking of like-minded people, is proclaimed as the only truth.

Senator Wyden to AT&T and T-Mobile: You Don’t Need to Store So Much Customer Data

Senator Wyden to AT&T and T-Mobile: You Don’t Need to Store So Much Customer Data

"I write to ask that you protect your customers’ privacy—and U.S. national security—from foreign hackers and spies by limiting the time you keep records about your customers’ communications, web browsing, app usage and movements," Wyden's letter addressed to the CEOs of each teleco reads.

How safe are school records? Not very, says student security researcher

How safe are school records? Not very, says student security researcher

Among one of the more damaging issues Demirkapi found in Follett’s student information system was an improper access control vulnerability, which if exploited could have allowed an attacker to read and write to the central Aspen database and obtain any student’s data.

More