security

Ransomware takes out major county servers in North Carolina

Ransomware takes out major county servers in North Carolina

Mecklenburg County, North Carolina, where the city of Charlotte is located, was hit with a ransomware attack this week that took out major city servers and has forced some officials to work with old fashioned pen and paper. The ransomware was able to infect the network after a city employee opened an email attachment containing the software. The hacker is demanding a payment of $23,000 to restore the system, but so far city officials are refusing to pay.

Continue Reading

Google puts Android accessibility crackdown on hold

Google puts Android accessibility crackdown on hold

Android is often lauded for having an open platform that gives developers a lot of leeway to perform things many of the platform’s rivals withhold. Unfortunately, there will always be those who will try and abuse that freedom for personal gain. That is why Google gave Android app developers an ultimatum last month to only use Accessibility Services if their app is intended for that and that purpose only. In its zeal to protect its platform however, Google may have jumped the gun, which it seems to have realized, causing it to stay its 30-day deadline.

Continue Reading

iOS 11.2 HomeKit bug allowed unauthorized access to smart locks

iOS 11.2 HomeKit bug allowed unauthorized access to smart locks

iOS 11.2 has been out in the wild now for a month so you’d expect most of the critical bugs and issues to have surfaced by now. Well, most of them have but that does still leave room for some undiscovered problem. Unfortunately, that was indeed the somewhat frightening case that HomeKit users with smart locks may have been blissfully unaware of. It turns out that iOS 11.2 brought with it a vulnerability that allowed unauthorized persons to unlock doors and garages remotely via Apple’ smart home platform.

Continue Reading

Qualcomm pushes Snapdragon 845 to steal Apple’s privacy crown

Qualcomm pushes Snapdragon 845 to steal Apple’s privacy crown

Apple may have planted its flag on the idea that artificial intelligence (AI) can still be mindful of privacy, but Qualcomm is looking to unlock the same for Android with the new Snapdragon 845. The new system-on-chip (SoC), unveiled today, will help device and service-makers break their phones, apps, and other products away from their tether to the cloud. It also puts a renewed focus on security.

Continue Reading

Ai.Type keyboard’s lax security leaks millions of user data

Ai.Type keyboard’s lax security leaks millions of user data

Virtual keyboards are perhaps one of the strangest and often underestimated kind of software on mobile devices today. On the one hand, it’s easy to take them for granted because they’re just on-screen keyboards. On the other hand, anything that you type, including sensitive information like passwords and credit card details, passes through them. With that much power, keyboard developers need to exercise great responsibility as well. Unfortunately, a “popular” keyboard by the name of Ai.Type didn’t think so, leaking more than 31 million users’ data simply because it didn’t protect its own database with a password.

Continue Reading

Galaxy Note 8 gets a built-in VPN in latest update

Galaxy Note 8 gets a built-in VPN in latest update

Samsung hasn’t exactly been the most religious OEM when it comes to rolling out updates, but when it does, sometimes include some unexpected treats. Take, for example, the Galaxy Note 8, which has just gotten an update that adds a new feature to the phablet, new to the Galaxy Note 8, at least. That feature is the Galaxy J’s “Secure Wi-Fi”, which is just a fancy pants name for Samsung’s VPN service that promises secure and private browsing, even and especially on unencrypted Wi-Fi networks.

Continue Reading

Android December security bulletin finally has KRACK fix for Pixels

Android December security bulletin finally has KRACK fix for Pixels

Google kicked off the whole monthly security bulletin practice to assure Android users, or at least owners of its Nexus and Pixel devices, that they will get timely and critical security fixes before all hell breaks loose. In a rather odd turn of events, however, Google missed that window when it rolled out the November set of security patches without a fix for the KRACK vulnerability. Fortunately, that whole scare seems to have blown over on its own before Google could finally get the fix out the door today.

Continue Reading

Apple might be sharing Face ID data with apps too freely

Apple might be sharing Face ID data with apps too freely

Most security researchers are stumbling to find a way to definitively prove, or disprove, the security and reliability of the iPhone X’s Face ID feature. Almost all of those, however, require a second face to bypass your legit one. It turns out that users might have something to fear even without a doppelganger. It is no secret that Apple allows third-party apps to access some Face ID data, but how much and how easy they’re getting that data could quickly become a privacy nightmare.

Continue Reading

Samsung patent uses palm recognition for passsword hints

Samsung patent uses palm recognition for passsword hints

Fingerprint scanning is secure and reliable. 3D face recognition is fast but still in development. Samsung has the former and is reportedly working on the latter for the Galaxy S9. But why stop there? Indeed, a recently surfaced patent reveals that Samsung is toying with the idea of using palm recognition for a related purpose. No, it won’t unlock your phone using your unique palm lines. It will just help you remember your password or PIN code.

Continue Reading

DJI accused of spying for China in leaked ICE memo [Update: DJI responds]

DJI accused of spying for China in leaked ICE memo [Update: DJI responds]

A leaked ICE bulletin warns of possible spying by drone maker DJI on behalf of the Chinese government, raising new concerns about security and privacy. The memo warns that DJI is very likely targeting certain government and private entities "to collect and exploit sensitive U.S. data." That is just a sliver of the long report, though, which warns that DJI's mobile apps are allegedly sending a bunch of data back to systems in Hong Kong and Taiwan.

Continue Reading

MacOS flaw fix update out now

MacOS flaw fix update out now

This morning Apple released a fix for the flaw discovered yesterday in their macOS High Sierra system. Anyone using High Sierra would potentially be at risk of data theft via unauthorized login without this software update today. The security flaw allowed any user to log in to an Apple computer by logging in with the self-created user ROOT.

Continue Reading

Here’s how to remove the new HP Touchpoint Telemetry bloatware

Here’s how to remove the new HP Touchpoint Telemetry bloatware

Companies have many reasons and methods for gather users’ device data, with or without their knowledge, much less consent. The most common is telemetry data harvested for statistics and for the sake of improving services. Regardless of reason or method, it is always a privacy concern. So when HP started installing a new Touchpoint Analytics Client Telemetry service behind users’ backs, said users were naturally annoyed and alarmed, especially since it came at some cost. Fortunately stopping and removing that service isn’t too difficult.

Continue Reading

1 2 3 4 5 Next