-
+27 +1
Microsoft Teams has been storing authentication tokens in plaintext
Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The flaw affects the desktop app for Windows, Mac and Linux built using Microsoft's Electron framework. Microsoft is aware of the issue but said it has no plans for a fix anytime soon, since an exploit would also require network access.
-
+26 +1
Apple discloses security vulnerabilities in iPhones, iPads, Macs allowing 'full admin access' to devices
Apple released an emergency security update Thursday, disclosing that there were vulnerabilities for certain iPhone, iPad and Mac products. These vulnerabilities were disclosed in a software update, which the company said should safeguard the products.
-
+19 +1
SpaceX says researchers are welcome to hack Starlink and can be paid up to $25,000 for finding bugs in the network
SpaceX congratulated a researcher who said he hacked into Starlink using a $25 homemade device as part of the company's bug bounty program.
-
+17 +1
An Entire Canadian Town Is Being Extorted By Ransomware Cyber Criminals
The Canadian town of St. Marys had its data stolen and held hostage by a ransomware gang.
-
+28 +1
Apple is building a Lockdown Mode to fend off cyberattacks on high-profile users | Engadget
Apple has announced Lockdown Mode, an "extreme" level of security designed for a "very small number of users who face grave, targeted threats." It will be available this fall when the company rolls out iOS 16, iPadOS 16 and macOS Ventura.
-
+17 +1
Post-Roe America and the Importance of Encryption.
Hi America, this is Brandon from Tutanota. As I’m sure you already know, on June 24, 2022 the Supreme Court of the United States delivered the ruling that the US Constitution does not confer the right to abortion, thus overruling Roe v. Wade and Planned Parenthood v. Casey. As soon as the decision was made public, thirteen states with trigger laws were able to begin enforcing stricter restrictions on abortions.
-
+30 +1
Are Password Managers A Single Point Of Failure?
Are password managers a single point of failure? This is a question that gets asked by many new people to password managers. With all the data breaches happening it’s no wonder people are concerned about using a password manager.
-
+2 +1
Hackers can bring ships and planes to a grinding halt. And it could become much more common
Armed with little more than a computer, hackers are increasingly setting their sights on some of the biggest things that humans can build. Vast container ships and chunky freight planes — essential in today’s global economy — can now be brought to a halt by a new generation of code warriors. “The reality is that an aeroplane or vessel, like any digital system, can be hacked,” David Emm, a principal security researcher at cyber firm Kaspersky, told CNBC.
-
+24 +1
Job cuts hit cybersecurity industry despite surging growth from ransomware attacks
Nothing has lowered Cybereason’s expectations for growth. Rather, the continuing rise in ransomware attacks has forced its clients to bolster spending on security systems, putting the security software company ahead of schedule when it comes to revenue. But Cybereason is cutting costs anyway, confirming last week that it’s laying off 10 percent of its workforce, or about 100 employees. The reductions follow the dramatic swing in the economy this year and the beating that software stocks have taken on the public market.
-
+19 +1
Most organizations hit by ransomware would pay if hit again
Almost nine in 10 organizations that have suffered a ransomware attack would choose to pay the ransom if hit again, according to a new report, compared with two-thirds of those that have not experienced an attack.
-
+20 +1
Microsoft launches cybersecurity services to help clients fight off ransomware and other attacks
Microsoft’s security business is growing faster than any of its main products, and now the company is adding heft to its offerings with three new services designed to help organizations spot and respond to cybersecurity incidents. Microsoft is among the leaders in cloud software and infrastructure, which means its technology is already the backbone for many businesses of all sizes.
-
+18 +1
Your Phone May Soon Replace Many of Your Passwords
Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing attacks and ease the overall password burden on Internet users, but caution that a true passwordless future may still be years away for most websites.
-
+24 +1
How Apple, Google, and Microsoft will kill passwords and phishing in one stroke
For more than a decade, we’ve been promised that a world without passwords is just around the corner, and yet year after year, this security nirvana proves out of reach. Now, for the first time, a workable form of passwordless authentication is about to become available to the masses in the form of a standard adopted by Apple, Google, and Microsoft that allows for cross-platform and cross-service passkeys.
-
+23 +1
You Need to Update iOS, Android, and Chrome Right Now
APRIL HAS BEEN a big month for security updates, including emergency patches for Apple’s iOS and Google Chrome to fix vulnerabilities already being used by attackers. Microsoft has released important fixes as part of its mid-April Patch Tuesday, while Android users across multiple devices need to make sure they are applying the latest update when it becomes available.
-
+4 +1
More than 100 bugs discovered in US Homeland Security systems
More than 100 bugs have been discovered in the systems of the US Department of Homeland Security (DHS), some of which were deemed critical. As reported by The Register, the government organization recently kicked off its “Hack DHS” program, a three-phase event with the goal of tightening up network security.
-
+28 +1
Scammers are texting you from your own number now — here's what to do if that happens
Have you been getting weird text messages lately — from yourself? Don’t worry, you’re not alone, and you’re probably not having an out-of-body experience. The latest trend in spam text messages involves mobile phone users receiving texts from what appears to be their own phone number.
-
+19 +1
Older Americans are given the wrong idea about online safety – here's how to help them help themselves
Older Americans are often taught to be fearful of hackers and scammers in their midst while also being told to investigate potential threats. Better advice is to not engage.
-
+29 +1
AI Experts Warn of Potential Cyberwar Facing Banking Sector
U.S. authorities have cautioned banks about possible cyberattacks following Russia’s recent invasion of Ukraine, but experts say financial institutions also face particular risks in a more murky area of their business—the now ubiquitous artificial-intelligence models that handle everything from lending to trading.
-
+13 +1
Okta hack puts thousands of businesses on high alert
Okta, an authentication company used by thousands of organizations around the world, says it’s investigating news of a potential breach, Reuters reports. The disclosure comes as hacking group Lapsus$ has posted screenshots to its Telegram channel claiming to be of Okta’s internal systems, including one that appears to show Okta’s Slack channels, and another with a Cloudflare interface.
-
+20 +1
A big bet to kill the password for good
After years of tantalizing hints that a passwordless future is just around the corner, you're probably still not feeling any closer to that digital unshackling. Ten years into working on the issue, though, the FIDO Alliance, an industry association that specifically works on secure authentication, thinks it has finally identified the missing piece of the puzzle.
Submit a link
Start a discussion