Data Security

Canadian government websites hit with cyberattack

Canadian government websites hit with cyberattack

Following disclosure of a massive breach of government data in the United States (and a second breach), word has surfaced that the Canadian government has undergone its own cyberattack. The attack targeted Canadian government websites and email systems, having been a denial of service attack against the nation's gc.ca server. The cyberattack was confirmed by Treasury Board President Tony Clement, and it affected several agencies in the nation’s government, including the websites of its Transport, Justice, Foreign Affairs, Industry, Employment, and Labor departments.

Continue Reading

SwiftKey hack can remotely take over Samsung mobile devices

SwiftKey hack can remotely take over Samsung mobile devices

Android users on Samsung mobile devices could be vulnerable to a new type of security hack. The security flaw was discovered by Ryan Welton from NowSecure. He detailed his findings at the Blackhat Security Summit in London. The hackable exploit arises from the pre-installed SwiftKey keyboard. As Swiftkey searches for updates to its language packs over unencrypted lines, via plain text, it is susceptible to malicious security apps from any spoofed proxy server. Using this as a keyhole, Welton could scale up the attack to basically take over a vulnerable mobile device while the user remains unaware. The bug affects over 600 million Samsung users, including those using the Galaxy S6.

Continue Reading

LastPass reveals breach that compromised user data

LastPass reveals breach that compromised user data

LastPass has revealed that it was breached recently, and that some account data was compromised as a result. The discovery was made this past Friday when, says LastPass, it found (and subsequently blocked) “suspicious activity” on its network. Encrypted user vault data doesn’t seem to have been taken, says LastPass, and there's also no sign that users' accounts were accessed. Some details pertaining to them, however, like email addresses were compromised, and so users need to update their master passwords among other things.

Continue Reading

US officials reveal second massive hack: security clearance forms grabbed

US officials reveal second massive hack: security clearance forms grabbed

The recent hack of government data, at least according to those who know of the matter, is far worse than previously revealed. At least 4 million people were comprised, it was originally reported, but a recent letter to the OPM indicated that every single federal employee might have had some data stolen, including former federal workers. Now a second hack has been disclosed by sources, and it is said to have involved the theft of data related to intelligence employees and military personnel.

Continue Reading

Documents reveal FBI probe details on celebrity pics leak

Documents reveal FBI probe details on celebrity pics leak

In 2014, there was a big leak involving celebrity pictures that had been garnered from the victims' hacked iCloud accounts. This spurred an investigation, which has been ongoing despite news of the incident quieting down. Now details on what the investigation turned up have been revealed via a federal search warrant that has been unsealed, as well as an affidavit. According to the documents, FBI agents identified a home in southern Chicago as being one of the locations where hacking attempts (which may have been successful) took place, as well as an apartment also in Chicago.

Continue Reading

Stuxnet malware child hits Kaspersky with “zero-day trampoline”

Stuxnet malware child hits Kaspersky with “zero-day trampoline”

While you don't hear the words "trampoline" and "malware" in the same sentence very often, today it's entirely warranted. Moscow-based Kaspersky Lab, a research organization that concentrates on hackers and hacking activity, have discovered a second state-sponsored group of hackers that've created malware derived from Stuxnet. A second, that is, after the USA and Isreali group discovered in 2012, creators of the Stuxnet malware used for hacking international groups, the same malware this new group used to create their own sophisticated worm.

Continue Reading

US government to have all its websites begin using HTTPS

US government to have all its websites begin using HTTPS

As part of a new initiative to maintain security and privacy on its websites, both for users and itself, the U.S. government has announced a plan to make HTTPS a standard for all its public federal sites. The goal is to have all sites using HTTPS encryption by December 31, 2016. The White House is even sharing its proposed and final versions of the policy, posting both on Github, allowing the public to compare for themselves.

Continue Reading

Plex now streams securely over HTTPS

Plex now streams securely over HTTPS

Plex, the media server software that streams your content to different devices in your home, has just announced a big change in the name of security and encryption. Now all streams are to be delivered over an encrypted connection with HTTPS, and even better is that the change is automatic. The company says it has partnered with DigiCert to provide free SSL security certificates to users with media servers, with each one being unique. Users just need to make sure they turned on the "secure communications" option while installing Plex.

Continue Reading

NSA expanded warrantless internet surveillance in attempt to stop hackers

NSA expanded warrantless internet surveillance in attempt to stop hackers

New documents from Edward Snowden have revealed that since 2012, the US's National Security Agency has had an expanded ability to spy on Americans' internet data and communications, with no need to get a warrant. The documents were published in a New York Times article this week, and reveal that the NSA's goal is to find and stop hackers attempting cyberattacks from outside the country. Until now, this program was never disclosed to the public.

Continue Reading

Lycos aims for a comeback with password storing ring and fitness band

Lycos aims for a comeback with password storing ring and fitness band

Lycos, one of the many search engines that didn't make it past the early boom years of the Internet is coming out with some wearable tech devices. The company's current embodiment isn't the same as when it rivaled other mid-1990's search engines like Alta Vista. It was bought by Ybrant Digital in 2010. Lycos' new, wearable Lycos Life devices The Band and The Ring want to be your "personal security manager," storing passwords and personal data in lackluster packaging.

Continue Reading

Matchlight searches for stolen data on the darkweb

Matchlight searches for stolen data on the darkweb

Data theft is a big issue. From the hacking of celebrity photos serious data breaches like the recent hacking of the IRS, unsecured data often ends up in the wrong hands and on the dark net. A new data service, Matchlight, launched last week and claims it can trace the source of a data breach all the way through the underbelly of the internet, the dark web.

Continue Reading

Macs older than 1 year may be vulnerable to security exploit

Macs older than 1 year may be vulnerable to security exploit

A security researcher has just, reportedly, found a way to gain control of Macs using OS X. The exploits allow attackers to remotely overwrite firmware responsible for booting up the device. Once attackers isolate the flaw in a targeted machine, they could control the computer as soon as it boots up. The specific exploit discovered by Pedro Vilaca is explained in detail in an article on his blog. This attack can give a user continuous, low-level control of a Mac without any initial physical access; therefore, hackers from the other side of the globe can exploit your system.

Continue Reading

Prev 2 3 4 5 6 7 8 9 10 Next