Data Security

Marriott Starwood system breach exposes information on half a billion people

Marriott Starwood system breach exposes information on half a billion people

Marriott today revealed a massive security breach that affected its Starwood reservation system. The breach played out over four years and potentially exposed the personal information of around 500 million guests. A portion of those affected guests may have had credit card information exposed too, so to say this breach is "pretty bad" would likely be understating it a bit.

Continue Reading

Your browser’s padlock icon doesn’t mean you’re safe from phishing

Your browser’s padlock icon doesn’t mean you’re safe from phishing

If you've ever taken comfort in seeing a padlock in your browser's URL bar, you might want to rethink the trust you put in that little icon. New research shows that an increasing number of phishing sites use Secure Sockets Layer, or SSL, and therefore sport the padlock despite being illegitimate websites meant to steal information. The padlock, then, means a lot less than some people think it does.

Continue Reading

Hospitals, insurance companies leak more health data than hackers

Hospitals, insurance companies leak more health data than hackers

Hospitals, insurance firms, physician offices, and similar companies leak more personal health data than hackers, a new study has revealed. According to researchers with two major US universities, more than half of personal health data breaches resulted from problems with the medical providers themselves rather than an external force, such as hackers.

Continue Reading

Firefox Monitor wants to keep you secure with familiar technology

Firefox Monitor wants to keep you secure with familiar technology

Everyone should be concerned about keeping their various online identities secure, and today, Firefox made that a little bit easier. Working alongside Have I Been Pwned, today Mozilla launched Firefox Monitor. You can use this to see if your email address has been involved in any security breaches, so in that regard, Firefox Monitor mirrors the functionality of Have I Been Pwned pretty closely.

Continue Reading

Google Titan security key goes up for purchase in US

Google Titan security key goes up for purchase in US

Late last month, Google revealed its new Titan security key. Like other security keys, the Titan enables hardware-based two-factor authentication, which in turn offers better security than using a password alone. At the time, Titan was only made available to Google Cloud customers, with Google saying it would go up for purchase at a later date.

Continue Reading

Reddit hackers: What you need to know

Reddit hackers: What you need to know

Today Reddit announced a security incident that occurred in the middle of June. The incident was discovered on June 19th, 2018, and the full extent of the data shared and/or compromised was revealed this afternoon. The incident is particularly important right this minute because of the rise of understanding in the weaknesses in sms-verified authentication.

Continue Reading

SMS two-factor authentication is unsafe – Use these instead

SMS two-factor authentication is unsafe – Use these instead

The revelation of Google’s Titan security key has put the spotlight on a long-existing but not widely adopted technology: physical keys that open the doors to your digital life. FIDO-compatible security keys, strange as they may seem, is just the latest attempt to solve one of the biggest threats to digital security: passwords. But while two-factor authentication is finally gaining a bit of traction, thanks to services enforcing it, they are unfortunately using the least secure medium of all: text messages.

Continue Reading

Google’s Titan security key tackles hardware-based authentication

Google’s Titan security key tackles hardware-based authentication

Yesterday, Google shared a rather surprisingly statistic when it claimed that none of its 85,000 employees have had their work accounts compromised since early 2017. Those are some secure accounts, especially when you consider that they're associated with one of the largest companies in the world and are therefore prime targets for phishing attacks. What was the secret? Google began requiring its employees to use hardware security keys for two-factor authentication.

Continue Reading

Facebook, Google, Microsoft, and Twitter team to take the headache out of data transfers

Facebook, Google, Microsoft, and Twitter team to take the headache out of data transfers

Moving your data between internet services is something that isn't always easy or fast. This is especially true when you're doing something like moving photos between social networks or music libraries and playlists between music streaming services. Today, some of the biggest companies in the world announced that they're going to do something about it, announcing the Data Transfer Project.

Continue Reading

Google Home and Chromecast GPS location leak [Fix Incoming]

Google Home and Chromecast GPS location leak [Fix Incoming]

A security breach was discovered this month by a researcher with an eye on Google Home and GPS location reporting. In his proof of concept, a URL is opened on a computer connected to a Wi-Fi network that's also connected to a Google Home or Chromecast device. If the URL is clicked and the webpage is kept open for around a minute, the user's home GPS location is found - and subsequently exploited.

Continue Reading

Secure Data Act bill may block encryption backdoor orders

Secure Data Act bill may block encryption backdoor orders

Newly introduced bipartisan legislation called the Secure Data Act aims to prevent government access to encrypted data via backdoors. The proposal follows multiple government attempts to get access to encrypted devices, as well as increasing concerns that courts or government agencies could force a company to introduce backdoors into its products.

Continue Reading

Oculus privacy update lets you know what it knows about you

Oculus privacy update lets you know what it knows about you

Facebook as really stirred the hornet's nest when it comes to privacy matters. Now everyone is scrutinizing privacy policies and putting companies under a microscope. You might not immediately think of Oculus as one such company, but now that it is owned by Facebook, it naturally has come under the spotlight as well. It has just announced some changes to its Privacy Policies in light of the upcoming GDPR changes in Europe. Its FAQ, however, makes it too obvious what really caused the change.

Continue Reading

1 2 3 4 5 Next