security

Android P camera requirements could be a double-edged sword

Android P camera requirements could be a double-edged sword

As an open platform, Android gives developers and users a lot of wiggle room to do things that some like iOS would never allow them to. Sometimes, that delivers power and functionality that only Android users are able to enjoy. But like any sort of power, it can and has been abused. A recurring theme in the upcoming Android P seems to revolve around fine-tuning control over certain aspects of the operating system. The latest is a new limitation that prevents idle background apps from using the camera, which is a win for privacy but potentially for theft as well.

Continue Reading

Flight Sim Labs’ DRM tool could collect Google Chrome passwords

Flight Sim Labs’ DRM tool could collect Google Chrome passwords

Piracy is a problem that has hounded the entertainment and software industry for decades and there doesn’t seem to be any light at the end of the tunnel yet. Different people have different opinions on how to cut or at least curb it and tools have come and gone with mixed effectiveness. One software maker, however, may have gone a bit too far in its quest stop a pirate. Popular slight sim maker Flight Sim Labs admitted to shipping an installer that included a tool that, under very specific circumstances, would collect a specific user’s passwords stored on Google Chrome and send them back to the company.

Continue Reading

WyzeCam v2 raises specs but not $20 price [Updated]

WyzeCam v2 raises specs but not $20 price [Updated]

The original WyzeCam was something of an anomaly within the security camera space. While many manufacturers offer security cameras priced above $100 (and sometimes far more than that), WyzeCam promised to offer the basic functions you'd expect from a security camera in a $20 package. It seems to have met some degree of success after launch, because now Wyze is gearing up for a hardware update.

Continue Reading

Google exposes an Edge bug Microsoft still hasn’t patched

Google exposes an Edge bug Microsoft still hasn’t patched

Google security researchers have revealed a security flaw in Microsoft Edge, making the issue public before a fix for the browser has been released. The problem in the Windows 10 browser was identified by Google's Project Zero team, a group of researchers and analysts that, since mid-2014, has been tasked with digging out flaws and zero-day vulnerabilities in code both inside and outside of the company.

Continue Reading

US, UK governments blame Russia for 2017 NotPetya cyberattack

US, UK governments blame Russia for 2017 NotPetya cyberattack

The US and UK governments have officially blamed Russia for the NotPetya cyberattacks that happened in summer 2017. The White House and the UK's National Cyber Security Centre have both released statements about the attack, each condemning the Russian government for "the most destructive and costly cyber-attack in history."

Continue Reading

FedEx goof exposes 119,000 passports, IDs and more

FedEx goof exposes 119,000 passports, IDs and more

A huge FedEx security goof exposed more than 119,000 scanned documents, including passports and driving licenses of customers, the shipping company has admitted. Security researchers identified a server on which the scans - which had been collected as part of a discontinued service that assisted customers in setting up shipments - had been left unsecured and open to public access.

Continue Reading

Facebook two-factor authentication spams users via SMS

Facebook two-factor authentication spams users via SMS

Facebook just can't catch a break these days, which is probay nothing unexpected for being one of the world's biggest social networks. It is involved in one privacy issue after another, not to mention lawsuits springing from those. This latest could definitely be added to the latter if some law firm takes interest. Users are reporting they are receiving SMS notifications about Facebook posts without them agreeing to it. But more worryingly, Facebook seems to have used the phone number users have connected to the network's two-factor authentication system.

Continue Reading

US, UK government websites infected by cryptomining malware

US, UK government websites infected by cryptomining malware

Governments originated from the need to not only govern but also protect citizens, though some will probably dispute how much that still applies today. It is with a bit of irony, then, that some government websites have become unwilling, not to mention unknowing, vehicles to actually harm their own citizens. It has just recently come to light that thousands of websites, including those run by US and UK governments, have become infected by cryptocurrency mining malware, causing anyone who visits those sites to generate money for still unidentified miscreants.

Continue Reading

This is reportedly how Apple’s embarrassing code leak went down

This is reportedly how Apple’s embarrassing code leak went down

Apple's iPhone source code leak has been blamed on a low-level employee at the company, with a new report suggesting there could be more leaks to come. The iBoot source code download which hit GitHub earlier this week has been described as the biggest leak ever but, according to insiders with knowledge of what took place, it came from a relatively humble source.

Continue Reading

Windows 10 Pro palm vein recognition coming courtesy of Fujitsu

Windows 10 Pro palm vein recognition coming courtesy of Fujitsu

Move over 3D face recognition, Microsoft wants your palm instead. The biometric security industry has exploded thanks to the popularity of fingerprint scanners and the whole drama around face recognition on phones. Tech companies are now racing to find the next big thing, and the next body part, for securing devices and files. Microsoft, who already supports face and fingerprint recognition via Windows Hello, has teamed up with Fujitsu to integrate the latter’s PalmSecure technology into Windows 10 Pro.

Continue Reading

DJI Olympics no-fly zones will make sneaking an aerial shot difficult

DJI Olympics no-fly zones will make sneaking an aerial shot difficult

DJI is making it difficult for drone owners to fly their UAVs during the 2018 Winter Olympics Games. Such drone use is forbidden during the Games, but that's not likely to stop everyone from trying to sneak a couple aerial shots or videos. Though Olympics security officials have their own plans in place to deal with unwanted consumer drones, DJI is planning to release a software update that will put the brakes on usage near the facilities.

Continue Reading

iBoot source download: Apple hits biggest leak ever with DCMA

iBoot source download: Apple hits biggest leak ever with DCMA

This week the bootloader source code for iOS seems to have leaked in its entirety. Apple would appear to have sent a DCMA takedown notice to Github, where the code was leaked, this indicating the code posted was of some large consequence. This is a big deal because it will likely lead to custom software for the latest iPhone devices. This is also a big deal because it could potentially lead to some nefarious parties finding their way in to Apple devices with a bit of reverse engineering - but don't worry. Apple's aware of what's up.

Continue Reading

1 2 3 4 5 Next