Feed aggregator

Apple publishes free resources to improve password security

ZDNet Zero Day - Fri, 06/05/2020 - 19:56
The new tools are meant to help the developers of password managers and Apple hopes the tools will reduce the instances where users chose their own password rather than rely on the password manager.
Categories: Security News

Friday Squid Blogging: Shark vs. Squid

Schneier on Security - Fri, 06/05/2020 - 16:19
National Geographic has a photo of a 7-foot long shark that fought a giant squid and lived to tell the tale. Or, at least, lived to show off the suction marks on his skin. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting... Bruce Schneier
Categories: Security News

QNAP NAS devices targeted in another wave of ransomware attacks

ZDNet Zero Day - Fri, 06/05/2020 - 11:50
eCh0raix ransomware gang returns with a new wave of attacks against QNAP NAS devices.
Categories: Security News

New Research: "Privacy Threats in Intimate Relationships"

Schneier on Security - Fri, 06/05/2020 - 06:13
I just published a new paper with Karen Levy of Cornell: "Privacy Threats in Intimate Relationships." Abstract: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships. Many common assumptions about privacy are upended in the context of these relationships, and many otherwise effective... Bruce Schneier
Categories: Security News

China, Iran, and Russia worked together to call out US hypocrisy on BLM protests

ZDNet Zero Day - Thu, 06/04/2020 - 22:55
Report from social media research group shows foreign diplomats and state-controlled media pounced on the US' abysmal handling of the BLM protests to attack the US as a beacon of freedom and further their own political goals.
Categories: Security News

Google: Chinese and Iranian hackers targeted Biden and Trump campaign staffers

ZDNet Zero Day - Thu, 06/04/2020 - 12:28
Google's TAG team said phishing attacks against Biden and Trump campaign staffers were unsuccessful.
Categories: Security News

How to remove yourself from Internet search results and hide your identity

ZDNet Zero Day - Thu, 06/04/2020 - 09:48
Here is a step-by-step guide to reducing your digital footprint online, whether you want to lock down data or vanish entirely.
Categories: Security News

Zoom's Commitment to User Security Depends on Whether you Pay It or Not

Schneier on Security - Thu, 06/04/2020 - 06:24
Zoom was doing so well.... And now we have this: Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free users won't enjoy that level of privacy, which makes it impossible for third parties to decipher communications. "Free users for sure we don't want to give that because we also want to work... Bruce Schneier
Categories: Security News

Incognito mode detection still works in Chrome despite promise to fix

ZDNet Zero Day - Wed, 06/03/2020 - 23:15
Google said last year that it would fix a bug that allowed sites to detect incognito mode, but no fix ever came.
Categories: Security News

Hackers hijack one of Coincheck's domains for spear-phishing attacks

ZDNet Zero Day - Wed, 06/03/2020 - 17:41
Hackers hijacked Coincheck's domain registrar account and then changed DNS settings.
Categories: Security News

Google apps and websites get support for more security keys on iOS devices

ZDNet Zero Day - Wed, 06/03/2020 - 13:00
You can now use hardware security keys to access Google apps and services running on iOS devices.
Categories: Security News

Large-scale attack tries to steal configuration files from WordPress sites

ZDNet Zero Day - Wed, 06/03/2020 - 11:14
Attackers tried to download configuration files from WordPress sites so they could steal database credentials.
Categories: Security News

Facebook software engineer resigns with scathing criticism of the network’s refusal to act on ‘weaponized hatred’

ZDNet Zero Day - Wed, 06/03/2020 - 06:27
The former Facebook employee accuses the social network of allowing “politicians to radicalize individuals and glorify violence.”
Categories: Security News

Wallpaper that Crashes Android Phones

Schneier on Security - Wed, 06/03/2020 - 06:11
This is interesting: The image, a seemingly innocuous sunset (or dawn) sky above placid waters, may be viewed without harm. But if loaded as wallpaper, the phone will crash. The fault does not appear to have been maliciously created. Rather, according to developers following Ice Universe's Twitter thread, the problem lies in the way color space is handled by the... Bruce Schneier
Categories: Security News

Tor’s latest release makes it easier to find secure onion services

ZDNet Zero Day - Wed, 06/03/2020 - 05:00
Tor Browser 9.5 is also working towards making Dark Web addresses easier to remember.
Categories: Security News

Google opens up Advanced Protection Program to Nest devices

ZDNet Zero Day - Wed, 06/03/2020 - 04:06
The move follows integration with services including Android and Chrome.
Categories: Security News

Ransomware gang says it breached one of NASA's IT contractors

ZDNet Zero Day - Tue, 06/02/2020 - 19:29
DopplePaymer ransomware gang claims to have breached DMI, a major US IT and cybersecurity provider, and one of NASA IT contractors.
Categories: Security News

New cold boot attack affects seven years of LG Android smartphones

ZDNet Zero Day - Tue, 06/02/2020 - 15:19
LG has released a firmware fix in May 2020. Attack requires physical access.
Categories: Security News

REvil ransomware gang launches auction site to sell stolen data

ZDNet Zero Day - Tue, 06/02/2020 - 11:04
Ransomware gang takes extortion to a whole new level. Threatens to auction Madonna's legal documents in a future auction.
Categories: Security News

G Suite Marketplace primed for a privacy scandal, researchers warn

ZDNet Zero Day - Tue, 06/02/2020 - 06:34
G Suite apps that have access to Drive and Gmail data found communicating with undisclosed external services.
Categories: Security News