security

Signal has surreptitiously declared war on smartphone data extraction tool Cellebrite, dropping heavy hints that it will update its secure messaging app in a way that could compromise any law enforcement use of the controversial analyzer. Cellebrite offers one of a number of data analysis devices - also known as phone hackers - which promise to pull out messaging logs, call and SIM records, and more from iPhone and Android handsets.

Continue Reading

A letter submitted by insurance company Geico to the California attorney general's office details a data breach that took place earlier this year, exposing customers' driver's license numbers. The letter doesn't include certain pertinent details such as how many people were potentially impacted by the security issue, though it did note the numbers may be used as part of unemployment benefits fraud.

Continue Reading

Project Zero is a security research team at Google that spends time discussing and evaluating vulnerability disclosure policies and the consequence of those policies for users, vendors, security researchers, and software security. The team says it wants to be a group of researchers that benefits everyone working across the ecosystem to help make zero-day attacks more difficult. Project Zero has issued a summary of changes that will impact 2021.

Continue Reading

The Web has definitely become a very different place compared to just a few years ago. Security has always been a consideration but never has it been more critical than these days when more people work at home with less than secure Internet connections. That same change in work situations has bumped up the need for WebRTC, a technology that already existed long before video conferencing was hip. Addressing both those concerns, Google is releasing Chrome 90 in an attempt to make working for home more secure and less stressful.

Continue Reading

Despite all the magic that web apps and web browsers are able to do these days, much of the Web and the Internet in general still operates on top of decades-old technologies. This isn't just about applications like e-mail or IRC (yes, those still exist) but also technologies like TCP/IP, HTTP (without the S), and FTP. Those won't be going away anytime soon, at least without breaking the Internet, but some, such as FTP, are becoming more obscure to the point that Mozilla has decided to start its retirement from the Firefox web browser.

Continue Reading

The US government has issued a rare warning around Microsoft security patches, with the White House pushing American companies to install a recently-released set of updates. Security vulnerabilities identified by the US government itself prompted the new Microsoft Exchange updates, Anne Neuberger, the Deputy National Security Advisor for Cyber & Emerging Technologies, said in a statement.

Continue Reading

Capcom today issued its final report on the security breach it suffered back in November 2020, detailing what it has learned about the attack following an investigation performed by IT professionals. The company also gave us an updated number of people who were affected by this data breach, and those who were worried will probably be happy to know that the number has decreased since the last report.

Continue Reading

Budget smart home company Wyze has announced an expanded partnership with Noonlight that offers its customers 24/7 monitoring services. The new option, which comes with a small monthly fee, combines the DIY nature of Wyze's smart home devices with Noonlight's monitoring service, making the overall system a bit more useful for security-minded users.

Continue Reading

Security is a big topic in the smartphone industry, especially as phones become extensions of ourselves. The technologies used to secure our phones, however, may not always be the most sophisticated, mostly due to reasons of economy. Behind features like fingerprint scanners, PIN codes, and the like, is the ability of a device to generate random numbers to provide some level of security. That is the specialty of Samsung's "quantum cryptography phones" and the Galaxy Quantum 2 takes another stab at that extremely niche market.

Continue Reading

WhatsApp has been stewing in a pot of bad PR for the past few years but it seems that things have been heating up more recently. Despite that, the messaging service still enjoys millions of users that seem to be more at risk each day as new vulnerabilities and even corporate policies keep popping up. The latest may be one of the most worrisome because it could cause any user to lose access to their account forever even with all the security measures properly in place.

Continue Reading

There seems to be a spate of incidents in the recent weeks where large social networks had their database simply scraped, not hacked, to expose user records that were then distributed in hacker forums. At first, it seemed that Clubhouse, the budding audio-centric network, was the victim of such activity but the company denied that was the case. Unfortunately, its explanation for what really happened raised more questions than it answered, causing concerns about the way it is handling the security and integrity of its own official access points.

Continue Reading

Unfortunately, data leaks from major technology companies are far from uncommon. Professional social networking site LinkedIn has allegedly been compromised with hackers claiming they have data from 500 million LinkedIn profiles for sale. So far, the hackers have released 2 million records as proof they have compromised the LinkedIn database.

Continue Reading