Data Security

Penn State says it was hit with pair of “sophisticated” cyber attacks

Penn State says it was hit with pair of “sophisticated” cyber attacks

Penn State has revealed that it was hit with two major cyber attacks, one of which it determined originated from China. The announcement was made today, with the university saying that it first became aware of the threats on November 21, 2014 after being alerted by the FBI. According to the statement, the FBI alerted the university of a cyber attack taking place on its College of Engineering network. The university is saying that “advanced persistent threat actors” conducted the two cyber attacks, with “at least” one being based in China. The oldest discovered date of intrusion was September of 2012.

Continue Reading

United Airlines is offering 1 million miles in bug bounties

United Airlines is offering 1 million miles in bug bounties

Bug bounty programs are a great way for white-hat security researchers--hackers-- to earn extra cash. The best programs incentivize finding security flaws with cold, hard cash. On the other end of the spectrum, some companies only offer swag in return for finding flaws. A new set of bounties from United Airlines falls squarely in the middle. The company is offering airline miles in return for hunting security flaws. These miles aren't a measly upgrade from economy; you could earn some real travel time for uncovering a serious system flaw.

Continue Reading

Appeals court rules NSA surveillance program illegal

Appeals court rules NSA surveillance program illegal

In March, the ACLU filed a lawsuit against the NSA, claiming their surveillance program was overreaching and illegal. Today, a Federal Court of Appeals has agreed with that assertion, finding the NSA’s practice of data collection “exceeds the scope of what Congress has authorized”. This decision comes well after Edward Snowden began leaking documentation highlighting just how deep and intrusive the NSA’s domestic surveillance program is. In the ruling, Circuit Judge Gerald Lynch wrote “such an expansive concept of 'relevance' is unprecedented and unwarranted”.

Continue Reading

Free Android apps found tracking personal data

Free Android apps found tracking personal data

The Google Play store is a veritable frontier for apps of varying degrees of quality, while Apple tends to rule its App Store with an iron fist, only allowing thoroughly vetted apps to make an appearance. Only apps that are visibly malicious are barred entry to the Google Play store, leaving room for apps that aren't completely honest with their intentions. Perhaps it's time that Google follow Apple's lead and tighten up on the reins a bit, especially considering that a security team found thousands of free Android apps that are sharing user data by connecting with advertising and tracking sites--all unbeknownst to users.

Continue Reading

Google’s Password Alert already patched but still vulnerable

Google’s Password Alert already patched but still vulnerable

Earlier this week, Google released a Chrome extension designed to protect against phishing attacks, particularly the kind that directs users to a page designed to look like one of Google's own login pages. When on one of these fake Google logins, the Password Alert extension was designed to identify that it was a phishing attempt and alert the user that they were about to enter their credentials on a Web page that isn't part of Google. The problem is that the extension itself was vulnerable, and remains that way despite a patch.

Continue Reading

Slack says they’ve had no government requests for data

Slack says they’ve had no government requests for data

News of government requests for data is oftentimes troubling to read. Companies who transmit data typically fall under the watchful gaze of officials who may want to know what some citizens are up to, where those companies get legal requests for all kinds of data, including who we may have spoken with. Slack, the enterprise-focussed chat service, says they’ve not had a single government request for data of any kind. For such a widely used conversation platform, that’s hard to believe.

Continue Reading

Google’s Password Alert Chrome extension foils phishing attempts

Google’s Password Alert Chrome extension foils phishing attempts

Phishing schemes are one of the more popular ways hackers and other nefarious sorts gain access to accounts that are not their own, and despite attempts to educate users on what to look for, these kind of attacks are still largely successful. Google, however, is working to further quash them with the introduction of a new Chrome extension called Password Alert, which points out to users when they attempt to log into their Google account on a website that is not Google’s own.

Continue Reading

Hackers able to steal fingerprints from Galaxy S5, other Android phones

Hackers able to steal fingerprints from Galaxy S5, other Android phones

Fingerprint readers have quickly become commonplace on our smartphones, and while they are touted as offering some of the best security, it seems that may not be true across the board. A group of researchers at FireEye have reported a flaw in certain Android phones like the Galaxy S5 that could allow hackers to steal fingerprint data. Now, before you start panicking and preparing to set your fingerprint-based phone on fire in the name of security, know that this can only take place in extremely limited situations, and as for Android itself, the loophole was already patched with the release of Lollipop.

Continue Reading

Twitter patents hint at new security API, SDK for apps

Twitter patents hint at new security API, SDK for apps

Twitter, who have been quite busy of late updating their service, have filed for a few trademarks that suggest they’re again ready to combat a competitor. With their trademarks for the term “The Future of Identity” and an icon for what seems to be a service concerned with real-time sharing of news and info (that somehow isn’t Twitter), the microblogging platform may be set to take on one (or more) competitors it hasn't yet dealt with. It also fits Twitter’s current ploy to keep us all tied to them via outlier apps and services.

Continue Reading

Prev 1 2 3 4 5 6 7 Next