LastPass: Keylogger on home PC led to cracked corporate password vault

Unless you’ve been under a rock, you’ll know that earlier this week Facebook announced plans for a new global cryptocurrency for absolutely everyone called Libra.

...more

Docker breach of 190,000 users exposes lack of two-factor authentication

Published: 2019-04-30 10:48:08

Popularity: 397

Author: John E Dunn

Keywords:

2FA

MFA

The containerisation platform has asked 190k users to change their passwords after hackers gained access to a database of personal data.

...more

Android users: watch out for this fake address bar trick

Published: 2019-04-30 14:38:05

Popularity: 1221

Author: Danny Bradbury

Keywords:

iOS

css

When is an address bar not an address bar? When it's a fake.

...more

ExtraPulsar backdoor based on leaked NSA code – what you need to know

Published: 2019-04-25 14:58:33

Popularity: 0

Author: Paul Ducklin

Keywords:

NSA

A US security researcher has come up with an open-source Windows backdoor loosely based on NSA attack code that leaked back in 2017.

...more

NYPD forgets to redact facial recognition docs, asks for them back

Published: 2019-04-24 11:12:56

Popularity: 77

Author: Lisa Vaas

Keywords:

Law & order

Privacy

Center on Privacy & Technology

Clare Garvie

facial recognition

Georgetown University Law Center

lawsuit

NYPD

The privacy think tank had them for 20 days, and one of the docs was already displayed at a conference, but the NYPD is still clawing them back.

...more

Phone fingerprint scanner fooled by chewing gum packet

Published: 2019-04-23 14:41:35

Popularity: 0

Author: Paul Ducklin

Keywords:

A video has surfaced claiming to show someone unlocking a Nokia 9 by tapping a gum packet against the fingerprint scanner.

...more

Ad blocker firms rush to fix security bug

Published: 2019-04-17 10:59:56

Popularity: 741

Author: Danny Bradbury

Keywords:

If you’re using an ad blocker to filter out online commercials, then beware: You might be vulnerable to a new attack revealed on Monday that enables hackers to compromise your browser.

...more

Feds swoop in, snatch mobile phone tracking records away from ACLU

Published: 2019-03-08 00:45:42

Published: 2019-03-07 22:30:49

Popularity: None

Author: Paul Ducklin

Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days” period, so the flaw is now public.

...more

Published: 2019-03-07 21:59:53

Popularity: None

Author: John E Dunn

After a busy sequence of updates in October, November, and December, the new year’s first Patch Tuesday promises a lighter workload.

...more

Update now! Chrome and Firefox patch security flaws

Published: 2019-03-07 21:58:20

Popularity: None

Author: John E Dunn

Google and Mozilla are tidying up security features and patching vulnerabilities in Chrome and Firefox for Mac, Windows, and Linux.

...more

Hacker talks to baby through Nest security cam, jacks up thermostat

Published: 2019-03-07 21:58:16

Popularity: None

Author: None

Yet another family unnerved by yet another voice coming from a nursery webcam serves as yet another argument against password reuse.

...more

Flash “security bypass” list hidden in Microsoft Edge browser

Published: 2019-03-07 21:57:10

Popularity: None

Author: John E Dunn

Until this month, the Edge browser could bypass its own warnings about Flash content on 58 websites, thanks to a hidden list.

...more

Let’s Encrypt issues certs to ‘PayPal’ phishing sites: how to protect yourself

Published: 2019-03-07 21:56:55

Popularity: None

Author: Bill Brenner

Checking that a website uses HTTPS is one way of checking if it’s legitimate – but what happens when the scammers are buying SSL certificates that include the name of the company they&#…

...more

Summary