Encryption

Company that was laughed off-stage sues Black Hat

The organisers of the Black Hat USA conference are being sued by Crown Sterling after its controversial sponsored talk in Las Vegas.


1 min read

Slack response. Passwords reset four years after data breach

Slack would have been wiser – in an abundance of caution – to reset all of its users’ passwords back in March 2015.

After all, leaving it until four years later looks a little bit… slack.


1 min read

Alan Turing – the face of the new £50 note

The Bank of England has announced that Alan Turing’s face will grace the new £50 note.


1 min read

tripwire.com

DDoS attack that knocked Telegram secure messaging service offline linked to Hong Kong protests

An attack which targeted users of the Telegram app on Wednesday might be linked to protests in Hong Kong that turned violent.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Hackers stole Flipboard users’ email addresses and hashed passwords

Flipboard warns that hackers gained access to its systems and accessed hashed passwords for nine months.


1 min read

bitdefender.com

Google stored business customers’ passwords in plaintext on its servers… for 14 years

Google has admitted that some of its business customers of G Suite (formerly known as Google Apps) had their passwords stored on the company’s internal servers for 14 years in plaintext.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

bitdefender.com

Sensitive data can lurk on second-hand hard drives

Birth certificates, photographs, names, email addresses, credit card details, social security numbers. All to be found on used hard drives for sale on eBay.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

Smashing Security #120: Silk Road with Deliveroo

Online drug dealers get busted due to poor OPSEC! People are still failing to wipe their USB sticks properly! A potential presidential candidate is outed as a former hacker! Flat Earthers! Pi! Empathy!

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.


1 min read

Find QuadrigaCX’s missing $190 million, and you could win a $100,000 bounty

There has been another twist in the curious case of QuadrigaCX, a Canadian cryptocurrency exchange whose CEO unexpectedly and suddenly died without telling anyone else his password.

And it sounds like more troubling news for investors.


2 min read

Colorado police encrypt *all* their radio communications, frustrating journalists

The police’s use of encryption is apparently making life harder for journalists in Colorado.

Good! Encryption is a good thing, not a bad thing.


1 min read

bitdefender.com

Police crack encrypted chat service IronChat and read 258,000 messages from suspected criminals

Dutch police have revealed that they were able to spy on the communications of more than 100 suspected criminals, watching live as over a quarter of a million chat messages were exchanged.

Read more in my article on the Hot for Security blog.


0 sec read

tripwire.com

Unencrypted laptop exposes personal details of 37,000 Eir customers, faulty security update blamed

Irish telecoms operator Eir is blaming a “faulty security update” for leaving unencrypted a staff member’s laptop which was subsequently stolen outside of one of its offices.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #088: PayPal’s Venmo app even makes your drug purchases public

Not one of Google’s 85,000 employees has had their accounts compromised by phishing in a year.  How have they done it? Find out in this podcast.

Also, we discuss with special guest Scott Helme how websites still using HTTP are now marked as “not secure” by Google Chrome, and if you’re buying drugs via PayPal’s Venmo app you should say goodbye to privacy.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault.


1 min read

WannaCry ransomware scam tries to extort money without actually infecting your computer

Someone is trying to pull a fast one, attempting to trick unsuspecting users into paying a ransom… even though they *haven’t* infected your computer with ransomware.


1 min read

Paul Manafort accused of ‘foldering’ to hide communications

Foldering is a way of communicating without sending a message. And it’s just got Donald Trump’s former campaign chairman into an awful lot of trouble.


42 sec read

tripwire.com

Apple confirms it’s closing security loophole that police were using to crack iPhones

Yes, Apple is toughening up the security of iPhones with iOS 12. Yes, the steps Apple is taking will make it harder for law enforcement agencies to thwart iPhone security. But no, that’s not the reason Apple is doing it.

Read more in my article on the Tripwire State of Security blog.


0 sec read