ZenGo is warning users about a cryptography vulnerability that affects devices running an unpatched version of Windows 10. The CVE-2020–0601 vulnerability was first uncovered by the NSA, and was later picked up by ZenGo, which gave it the much catchier “CurveBall” moniker. So how does CurveBall work? In plain terms, a hacker seeking to…
Buguroo is warning consumers about three malicious applications that are currently available through Google Play. All three applications take advantage of the Android Binder vulnerability, and were first uncovered by Trend Micro researchers Ecular Xu and Joseph Chen. The offending applications are Camero, callCam, and FileCrypt Manager, all three of which should obviously be avoided. The first two are…
Both of America’s major political parties have been using Duo Security, which specializes in multi-factor authentication (MFA), to secure sensitive information ahead of the 2020 Presidential election, according to a Cyber Scoop report. The Republican National Committee (RNC) has been using Duo since just days before the 2016 Presidential election to provide multiple layers of…
The digital world is an increasingly scary place, with each passing year delivering new data breach and hacking events in which consumers’ Personally Identifiable Information (PII) is spilled into the dark web and afflicted organizations suffer significant damages to their operations and their reputations. But digital security is evolving, too, and there are compelling solutions…
Hoyos Integrity Corporation (Hoyos) has announced Gary Cohn, the former Director of the U.S. National Economic Council and Chief Operating Officer of Goldman Sachs, as an investor and member of its Board of Advisors. Hoyos provides secure patent-protected mobile communications technologies to both the private and public sectors, and has its’ own FCC license to…
Thousands of iPhone users may have had their devices hacked by malicious code found in a handful of websites, according to security researchers with Google. The security vulnerability has been revealed through a new blog post from Google’s Project Zero team member Ian Beer. The post describes a small group of websites that were likely…
A team of Tencent researchers has managed to get past Face ID’s liveness detection with a pair of glasses and some tape. To execute the attack, the researchers placed a strip of black tape on each lens. The tape mimics the outline of the eye, while a dot of white tape in the center imitates…
“For its part, Slack has taken the opportunity to further promote the use of post-password security measures, asserting in its email, ‘We recommend using two-factor authentication with every service that provides it, including Slack, for an extra layer of security.’” Four years after a major hack attack, the business-focused instant messaging platform Slack is taking…
In the wake of yet another high-profile hack attack, FIDO Alliance co-founder Nok Nok Labs is calling businesses and service providers to take advantage of phishing-resistant multi-factor authentication solutions. The attack in this case concerns Wipro, a Major India-based software company, whose IT systems were compromised, with Wipro customers then targeted in “an advanced phishing…
“…66 percent of all respondents said they were unlikely to do business with an organization that suffered a data breach in which sensitive information was compromised.” Newly published survey research is further highlighting the need for companies to protect consumer data. Conducted by Vanson Bourne on behalf of Gemalto, the study polled 10,500 consumers on…
“…2019 could be a year in which major hack attacks demonstrate which biometric security systems are truly effective and which are outdated, if Experian’s prediction is proven right.” Experian’s sixth annual Data Breach Industry Forecast finds biometrics in the crosshairs. Assessing the five major security threats expected for 2019, the report predicts that hackers will…
New statistics on data breaches from Australian officials suggest that “this problem isn’t going away any time soon,” suggests Gemalto. As the company’s latest blog post explains, the Office of the Australian Information Commissioner implemented its Notifiable Data Breaches scheme in late February, introducing new requirements compelling organizations to notify individuals of data breaches that…
Kelowna-based Hilltop Cybersecurity has filled one of two empty posts left by an executive’s departure with an expert hacker. Pete Herzog is, of course, the ‘white hat’ variety of hacker – one who uses his expertise at overcoming digital security for good instead of evil. Herzog’s experience in this area, which includes working as a…
People don’t like having their identities stolen. That’s the key takeaway from new research from the University of Texas at Austin Center for Identity. The academic institution’s newly published “2018 Identity Theft Assessment and Prediction Report” highlights the emotional impact of identity theft, fraud, and online abuse, and the findings are perhaps predictable. According to…
Earlier this month, the company behind Timehop, a social media ‘time capsule’ app that shows users their older posts, revealed that it had suffered a data breach affecting 21 million users. And while the attack was not particularly exceptional as far as data breaches go, it nevertheless offers some food for thought, as FIDO Alliance…
Administrators of the Timehop social media app may be wishing they could go back in time themselves to stop a July 4th hack attack that has affected some 21 million users. The attack was carried out through Timehop’s cloud computing account, with the perpetrator having acquired an administrator’s credentials and then used them to create…
