Security News

Zappos data breach settlement: users get 10% store discount, lawyers get $1.6m

ZDNet Zero Day - Thu, 10/17/2019 - 19:58
Seven-years-old class-action lawsuit nears its end, but data breach victims won't be happy.
Categories: Security News

Google Pixel 4's Face Unlock works even if you have your eyes closed

ZDNet Zero Day - Thu, 10/17/2019 - 17:16
Face Unlock bug lets someone unlock you're Pixel 4 phone while you're asleep or out cold.
Categories: Security News

Yubico security keys can now be used to log into Windows computers

ZDNet Zero Day - Thu, 10/17/2019 - 15:08
Yubico releases app that lets users configure YubiKeys to work on top of local Windows OS accounts.
Categories: Security News

US senator introduces privacy bill that would jail CEOs for user privacy violations

ZDNet Zero Day - Thu, 10/17/2019 - 13:38
Sen. Wyden introduces new consumer privacy bill that puts even the EU's GDPR to shame.
Categories: Security News

Google expands Chrome's Site Isolation feature to Android users

ZDNet Zero Day - Thu, 10/17/2019 - 11:04
Google also expands Site Isolation protections for desktop users.
Categories: Security News

Germany's cyber-security agency recommends Firefox as most secure browser

ZDNet Zero Day - Thu, 10/17/2019 - 06:58
Germany's BSI tested Firefox, Chrome, IE, and Edge. Firefox was only browser to pass all minimum requirements for mandatory security features.
Categories: Security News

Using Machine Learning to Detect IP Hijacking

Schneier on Security - Thu, 10/17/2019 - 06:08
This is interesting research: In a BGP hijack, a malicious actor convinces nearby networks that the best path to reach a specific IP address is through their network. That's unfortunately not very hard to do, since BGP itself doesn't have any security procedures for validating that a message is actually coming from the place it says it's coming from. [...]... Bruce Schneier
Categories: Security News

UK porn block collapses and I couldn’t be happier about it

ZDNet Zero Day - Thu, 10/17/2019 - 04:58
Opinion: The porn block was unenforceable and an empty promise -- and its withdrawal is a win for privacy.
Categories: Security News

Tor Snowflake turns your browser into a proxy for users in censored countries

ZDNet Zero Day - Wed, 10/16/2019 - 23:45
Chrome and Firefox extensions released over the summer. Windows support added this month.
Categories: Security News

Security researcher publishes proof-of-concept code for recent Android zero-day

ZDNet Zero Day - Wed, 10/16/2019 - 16:45
Qu1ckR00t app can root an Android device using the CVE-2019-2215 zero-day.
Categories: Security News

WAV audio files are now being used to hide malicious code

ZDNet Zero Day - Wed, 10/16/2019 - 11:00
Steganography malware trend moving from PNG and JPG to WAV files.
Categories: Security News

Phorpiex botnet made $115,000 in five months just from mass-spamming sextortion emails

ZDNet Zero Day - Wed, 10/16/2019 - 08:00
Sextortion emails look silly for the most of us, but there are many users who take them at face value and pay up.
Categories: Security News

Hacking 20 high-profile dev accounts could compromise half of the npm ecosystem

ZDNet Zero Day - Tue, 10/15/2019 - 19:35
Securing a handful of developer accounts and vetting a few projects would greatly increase the security of the npm ecosystem of JavaScript libraries.
Categories: Security News

Checkm8 iOS jailbreak used as lure in online scam

ZDNet Zero Day - Tue, 10/15/2019 - 10:51
iOS users tricked into installing online games and told to "reach Level 8 in 7 days."
Categories: Security News

Cracking the Passwords of Early Internet Pioneers

Schneier on Security - Tue, 10/15/2019 - 10:38
Lots of them weren't very good: BSD co-inventor Dennis Ritchie, for instance, used "dmac" (his middle name was MacAlistair); Stephen R. Bourne, creator of the Bourne shell command line interpreter, chose "bourne"; Eric Schmidt, an early developer of Unix software and now the executive chairman of Google parent company Alphabet, relied on "wendy!!!" (the name of his wife); and Stuart... Bruce Schneier
Categories: Security News

Argentinian security researcher arrested after tweeting about government hack

ZDNet Zero Day - Tue, 10/15/2019 - 06:10
Researcher claims "political persecution," all while police are looking for a hacker who doxed thousands of officers.
Categories: Security News

M6, one of France's biggest TV channels, hit by ransomware

ZDNet Zero Day - Mon, 10/14/2019 - 17:45
Unlike The Weather Channel earlier this year, M6 remained on the air.
Categories: Security News

Apple responds to reports that it sends user traffic to China's Tencent

ZDNet Zero Day - Mon, 10/14/2019 - 12:31
Apple explains how Safari's recent Safe Browsing update works -- following a slew of misleading media reports.
Categories: Security News

Microsoft Defender 'Tamper Protection' reaches general availability

ZDNet Zero Day - Mon, 10/14/2019 - 11:00
Tamper Protection prevents malware from disabling Windows Defender features.
Categories: Security News

Building China's Comac C919 airplane involved a lot of hacking, report says

ZDNet Zero Day - Mon, 10/14/2019 - 10:00
One of China's most brazen hacking sprees involved intelligence officers, hackers, security researchers, and company insiders.
Categories: Security News