security

eBay for iOS adds Touch ID support and ‘One Time Password’

eBay for iOS adds Touch ID support and ‘One Time Password’

eBay has updated its mobile apps, and while the Android update is pretty small (it just adds Android Wear support), the iOS update adds a couple of big features: support for Touch ID and a new one time password feature. Both features aim to improve the app’s overall security, and the Touch ID support in particular has long been requested by users. The one time password option will also be coming to the desktop and Android versions of the service.

Continue Reading

Android’s ‘Verify Apps’ feature may keep QuadRooter threats at bay

Android’s ‘Verify Apps’ feature may keep QuadRooter threats at bay

Yesterday we told you about a rather scary set of vulnerabilities that could potentially threaten as many as 900 million Android devices. Known as "QuadRooter," the set of four vulnerabilities was discovered in Qualcomm drivers, lending to how widespread the threat is. However, today we're getting confirmation that a feature introduced way back in Android 4.2 Jelly Bean could stop QuadRooter in its tracks, and it was designed specifically for scenarios like this.

Continue Reading

Airport lounges can be duped easily by fake QR codes

Airport lounges can be duped easily by fake QR codes

QR codes, like barcodes, are becoming more ubiquitous thanks to their convenience and how much data they can compress in such a small space. However, they are not exactly the most secure, not even the most accurate, method of identification. That was part of the point that security expert Przemek Jaroszewski made in his Defcon presentation, demonstrating how a fake generated QR code was able to easily fool an automated security reader in one of the places where you'd expect things to be exclusive and secure: an airport lounge.

Continue Reading

Oracle hack could impact payments for hundreds of thousands of businesses

Oracle hack could impact payments for hundreds of thousands of businesses

There's some potentially bad news for a lot of Oracle customers surfacing today, as it seems the company has fallen victim to a data breach. According to KrebsOnSecurity, the breach affected Oracle's MICROS division, which provides point-of-sale systems and support for many businesses around the world. In fact, the number of locations using MICROS around the world comes in at more than 330,000, spread across 180 different countries.

Continue Reading

‘QuadRooter’ vulnerabilities put 900m Android users at risk researchers say

‘QuadRooter’ vulnerabilities put 900m Android users at risk researchers say

A research team at Check Point has detailed a new set of Android vulnerabilities that could potentially leave as many as 900 million users exposed to security threats. More specifically, the set of four vulnerabilities - dubbed "QuadRooter" by Check Point - is found within Qualcomm chips, which becomes a major problem when you realize that Qualcomm chips are used in 65% of Android devices.

Continue Reading

Samsung Pay MST tech shown to be susceptible to theft, fraud [UPDATE]

Samsung Pay MST tech shown to be susceptible to theft, fraud [UPDATE]

Samsung Pay has surprisingly been enjoying a significant amount of popularity and support in the US, rivaling even Apple Pay. Part of its success can perhaps be attributed to its Magnetic Secure Transmission or MST, a technology it acquired from LoopPay, which allows Samsung Pay to be used with traditional magstrip-based terminals. It seems, however, there might be a very high price to pay for that convenience. In a talk at the Black Hat security conference in Las Vegas, researcher Salvador Mendoza showed how easy it was to steal Samsung Pay's MST data so that hackers and thieves can use credit card data with almost no restrictions.

Continue Reading

iOS 9.3.4 update credits Team Pangu for closing jailbreak hole

iOS 9.3.4 update credits Team Pangu for closing jailbreak hole

The irony of Apple's latest security bulletin is perhaps not lost on the jailbreaking community. A mere days after the said community rejoiced over the release of a jailbreak tool for the current iOS 9.3.3, Apple releases an iOS 9.4.4 update that, though not explicitly saying so, practically plugs up the exploit used to jailbreak the iPhone. As if adding insult to injury, the bulletin specifically names Team Pangu, the popular hacking team devoted to jailbreaking iOS.

Continue Reading

Apple jumps on the bug bounty train. Somewhat.

Apple jumps on the bug bounty train. Somewhat.

Apple is turning a new leaf as far as security it concerned. No, don't worry, it still has a firm stance on encryption. But now it is, for the first time, also looking outward for help in keeping its software and services more secure. At the Black Hat cyber security conference in Las Vegas, which is also unusual for Apple, it announced that, at long last, it will have a bug bounty program. That said, it's not yet open to everyone, which makes the $200,000 prize somewhat of an unreachable dream.

Continue Reading

Galaxy Note 7 iris scanner beans spilled

Galaxy Note 7 iris scanner beans spilled

Certainly, the big news so far this week has been the launch of the new Galaxy Note 7 smartphone from Samsung, which we spent some hands-on time with. This device was long rumored and a slew of those rumors focused on the fact that the Note 7 would have a fancy iris scanner in it for security. We even say a video leak of a guy showing us how the iris scanner would work. Now that the Note 7 is official, Samsung is offering up all the details on its iris scanner.

Continue Reading

Yahoo investigating hacker’s claims of massive data breach

Yahoo investigating hacker’s claims of massive data breach

Those of you with a Yahoo account may want to reset your password, as the hacker behind the recent MySpace and LinkedIn data dumps is claiming that he has the details of 200 million Yahoo accounts. He's ready to sell too, posting the lot on the dark web with an asking price of three bitcoins, which amounts to around $1,800.

Continue Reading

Android now watches user accounts, tattles with notifications

Android now watches user accounts, tattles with notifications

Android devices will soon be working with native notifications that'll tell their user that their account has been used on a new device. When a user signs in on a new device, every other device they have (on Android) will see a notification telling them that they've had a sign-in on a new device. This will be helpful for people that are in danger of having their account stolen, as they'll already be aware of every time they themselves sign in, but will be able to protect themselves at first sign of any unusual activity.

Continue Reading

iOS Pangu Jailbreak accused of unauthorized credit card access

iOS Pangu Jailbreak accused of unauthorized credit card access

Jailbreaking iOS gets a lot harder with every new release, so when a popular jailbreaking tool like Pangu releases one for the current iOS 9.3.3, there is unsurprisingly no small amount of rejoicing and excitement around it. Unfortunately, it seems that the euphoria was premature, as a number of jailbreakers discovered to their shock that there have been unauthorized accesses to critical private information, like credit cards, PayPal, and Facebook after they have jailbroken their iOS devices using the tool released by Pangu.

Continue Reading

Prev 1 2 3 4 5 6 7 Next