Facebook got hit hard by a currently unknown group of hackers. If you recently found yourself inexplicably logged out of the social media site, Facebook did it in response to the breach. The breach resulted in the theft of data pertaining to more than fifty million of the site's users. Here's what we know so far about the attack: The hackers pulled off their heist by taking advantage of three different vulnerabilities. Facebook detected the breach after spotting an unusual spike in … Read more
Apple IOS12 Users’ Photos And Contacts May Be Vulnerable
Jose Rodriguez, a Spanish Apple enthusiast, has discovered a new security flaw to be aware of. He posted a Proof of Concept video showing the exploit in action. We'll say upfront that this is a highly convoluted attack involving more than two dozen discrete steps. A hacker would need to be in possession of the phone to pull it off, so it's not something that's likely to become a major threat. Even so, we'll provide the details below. Apple has built in security measures that are … Read more
Payment Pages Are Being Compromised To Steal Data
Symantec's most recent statistics have revealed a disturbing trend. Malware designed to compromise checkout pages is seeing a big spike in use, with the company reporting a staggering 248,000 attempts since August 13th of this year, with more than a third of them (36 percent) between September 13th through September 20th. As disturbing as those numbers are, that's just the tip of the iceberg. As Symantec notes on their website: "If we compare the week of September 13 to 20 to the same … Read more
How Long Before You Experience A Cyber Attack?
According to this year's Traveler's Risk Index, published by The Traveler's Indemnity Company, a majority of business owners have a somewhat fatalistic view of hacking and data breaches. The index includes 52 percent of survey respondents indicating that they believe a cyber-attack is inevitable. The other statistics in the report paint a grim picture. Here's a quick overview: 55 percent of business owners say that they have not completed a cyber risk assessment 63 percent say that … Read more
Firefox Adds Data Breach Monitoring Service
Firefox is upping the ante where digital security is concerned, having just announced the release of a new, free service called 'Firefox Monitor.' The new service is designed with one specific goal in mind: To assist users in finding out if their accounts were exposed via a data breach. It was developed in partnership with Troy Hunt, whose website, "Have I Been Pwned" is one of the most popular destinations on the web for security-minded individuals. This website, in fact, is the driving … Read more
Government Payment Processor Exposes Data On Millions Of Americans
If you use the GovPayNet portal, be advised that your personal information is currently at risk. Although at this point, there's no indication that any hacker has made use of it. The portal is run by Government Payment Service, and is used by many Americans to pay fines, fees and bills generated by more than two thousand different government agencies operating in 35 states. Unfortunately, the way the website is configured, when it issues a receipt for a payment, it numbers those receipts … Read more
Data Breach Notifications May Get Standardized
A new piece of legislation is making its way through the halls of Congress that could standardize and streamline the data security and breach notification process for financial institutions. This is something that most people in the industry tout as an improvement over the current situation. The Consumer Information Notification Requirement Act (H. R. 6743) legislation was approved by committee not long after Congress received a letter cosigned by members from the American Bankers … Read more
An Exploited Website Can Cause Apple Products To Crash
Users of Apple tech have a new reason to worry. A security researcher named Sabri Haddouche, who works for an instant messaging app called "Wire," has published a proof of concept web page. It contains a fatal exploit that can crash and restart iPhones, iPads and any Mac. Essentially then, the entire Apple ecosystem is vulnerable. Worse, the security flaw can be exploited using nothing more than CSS and HTML code. The flaw resides in Apple's WebKit, which is its web rendering engine used … Read more
Popular NAS Device May Easily Be Compromised
Western Digital has a big problem, and if you use the company's "My Cloud" network-attached storage (NAS) storage devices, you've got one too. The WD My Cloud service is enormously popular because it's so convenient, allowing both business owners and individuals to store their files, perform periodic backups, and of course, access their data from anywhere in the world. Recently, security researchers have discovered an authentication bypass vulnerability that could allow an attacker to gain … Read more
Malware Reports Continue To Rise
We've known for some time now that the next big crisis the internet will have to come to grips with is the dramatic rise of the Internet of Things (IOT). The problem isn't with the devices themselves, which are enormously helpful and rapidly growing in their popularity. Rather, it lies in the fact that the overwhelming majority of IoT manufacturers have been notoriously lax when it comes to building even basic security protocols into the goods they make and sell. The lack of security and … Read more