Besides the usual suspects among the worst of passwords, a handful of notable – but similarly poor – choices make their debuts. Password security company SplashData has released its annual list of the most commonly used passwords on the web, and the picture isn’t pretty. The number one spot belongs to ‘123456’, which is followed
“Pay $20,000 worth of bitcoin, or a bomb will detonate in your building” A massive number of businesses, schools, government offices and individuals across the US, New Zealand and Canada on Thursday received bomb threats via emails that caused nationwide chaos, forcing widespread evacuations and police response. The bomb threat emails were apparently sent by
Twitter accidentally exposed the ability to pull an account’s phone number country code and whether the accounts had been locked by Twitter. The concern here is that malicious actors could have used the security flaw to figure out which countries accounts were based in, which could have ramifications for whistleblowers or political dissidents. The issue
Facebook disclosed a Photo API bug affecting up to 6.8 million users, and the announcement came one day after the company said it paid more than $1.1 million in bug bounties in 2018. The Facebook API bug was active for 12 days — from Sept. 13th to Sept. 25th — according to the company, and
Printers around the world appear to have been hijacked again with a message to subscribe to a popular YouTube vlogger, and improve their cybersecurity. Those behind the attack are thought to be the same ones that managed to get a message in support of social media star PewDiePie printed out on 50,000 machines last month.
by Lisa Vaas What do Nutella, the Pentagon, Kanye West and cryptocurrency owners have in common? They’re all really really bad at passwords. In fact, they’re the top four when it comes to password craptitude, according to an annual list of the worst password offenders put out by password managing app Dashlane. Dashlane released the
Maggie Lane Contributor Maggie Lane is a writer and producer of virtual reality experiences and covers the industry for various publications. You need to stop procrastinating. Maybe it’s time for
By Kristol, Sales Account Manager and President, McAfee African Heritage Community If you talked to me when I first started working at McAfee, I wouldn’t have believed you if you told me that I’d still be working here 16 years later. But I am still working here, and I’ve grown from every challenge and success
Shamoon is back… one of the most destructive malware families that caused damage to Saudi Arabia’s largest oil producer in 2012 and this time it has targeted energy sector organizations primarily operating in the Middle East. Earlier this week, Italian oil drilling company Saipem was attacked and sensitive files on about 10 percent of its
Colin Kroll, the 35-year-old co-founder and CEO of the HQ Trivia app, has been found dead of an apparent drug overdose in his apartment, TechCrunch has confirmed. A spokesman for the NYPD told us that a female called 911 for a wellness check on Kroll’s apartment and he was found dead inside at 08:00 hours
Law enforcement agencies across the country spent the better part of yesterday evening investigating a slew of bomb threats delivered by email to businesses and universities across the US and Canada. The hoax email warning that an explosive device was in the recipient’s place of work evoked fear among many Americans yesterday, according to KrebsonSecurity.
by Lisa Vaas Facebook filed a patent, titled “Offline Trajectories,” last week in which it proposes predicting users’ “location trajectories” – in other words, where we’re likely headed. Knowing when we’re about to hurtle into a no-WiFi-connection limbo means Facebook can “prefill” our phones with content and ads. It knows enough to know a lot more
Zack Kanter Contributor Zack Kanter is the co-founder of Stedi. While serverless is typically championed as a way to reduce costs and scale massively on demand, there is one extraordinarily compelling reason above all others to adopt a serverless-first approach: it is the best
It was the last item on my list and Christmas was less than a week away. I was on the hunt for a white Northface winter coat for my teenage daughter that she had duly ranked as the most-important-die-if-I-don’t-get-it item on her wishlist that year. After fighting the crowds and scouring the stores to no avail,
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan’ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. SQLite is a
It feels like there’s a WeWork on every street nowadays. Take a walk through midtown Manhattan (please don’t actually) and it might even seem like there are more WeWorks than office buildings. Consider this an ongoing discussion about Urban Tech, its intersection with regulation, issues of public service, and other complexities that people have full
An unprotected ElasticSearch server led to a potentially massive data leak for a popular avatar app maker, Boomoji. The app, which is based in China and has 5.3 million users across the globe, allows iOS and Android users to create 3D avatars. The personal data of its entire user base was exposed after Boomoji reportedly left
by Danny Bradbury Google keeps tabs on much of your activity, including your browsing history and your location. Now, it turns out that its YouTube service is also reading what’s in your videos, too. Programmer Austin Burk, who goes by the nickname Sudofox, discovered the issue after discovering a cross-site scripting (XSS) flaw on another site.
After gaming chat app startup Discord announced in August that they were building out a games store, today, they’ve detailed that they’ll be pursuing a very competitive 90/10 revenue split for self-published titles in 2019. In addition, the company revealed that they now have 200 million active users on their chat app, up from 130
Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims. Destructive attacks have a critical impact on businesses, causing the loss of data or crippling business operations. When a company is impacted, the damage can be significant. Restoration can
As the threat of bogus apps continues, what can we do to protect ourselves against these fraudulent practices? There’s nothing new about advertisers and app developers using deceptive practices, but the Touch ID scam that Lukáš Štefanko wrote about recently is a significant twist in this ongoing story. Of course, iOS users are not alone
Facebook’s latest screw-up — a programming bug in the Facebook website accidentally gave 1,500 third-party apps access to the unposted Facebook photos of as many as 6.8 million users. Facebook today quietly announced that it discovered a new API bug in its photo-sharing system that let 876 developers access users’ private photos which they never shared
Ryan Craig Contributor Although many of the milestones of the digital revolution have sprung directly from the research output of America’s colleges and universities, like Athena from Zeus’s forehead, on the instructional side, American higher education has taken
The Logitech Options app, which configures the company’s mice and keyboards in Windows, relies on an ineffective authentication mechanism that enables malicious webpages to execute code on a victim’s machine. Tavis Ormandy, vulnerability researcher with Google’s Project Zero, found the flaw in the Logitech Options app when he tried to rebind a button on his
by Lisa Vaas Are you one of the travelers to the US who’ve been stopped, questioned, and required to hand over your electronic devices for search? Our apologies: there’s a good chance that we still have your data kicking around on a USB drive. Somewhere. Maybe. Unless we lost it, I guess. The Office of
Netflix loves to test new ideas, and its latest experiment is an odd new feature that lets viewers watch a scene again. A selection of Netflix subscribers noticed the new addition, which serves a pop-up asking if they want to “watch this scene again” after certain ‘highlight’ scenes in a show. The streaming giant confirmed
The Cyber Security Gurukul Series is an initiative by the ‘Women Wizards Rule Tech (W2RT)’, a unique program designed exclusively for Women professionals in Core Technologies by noted industry body NASSCOM. Focused specifically on the IT-ITES/BPM, Product and R&D Firms, the key aim of this initiative is to enable women with deeper knowledge of various technologies
An interview with ESET researchers Tomáš Gardoň and Filip Kafka on their research of a malware toolkit used in espionage against the Malaysian government. In a presentation at AVAR 2018, ESET’s Tomáš Gardoň and Filip Kafka uncovered their research of a previously undocumented espionage toolkit, used in targeted attacks against the Malaysian government in mid-2018.
Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total of 39 vulnerabilities in its Windows operating systems and applications—10 of which are rated as critical and the others important in severity. One of the security vulnerabilities patched by the tech giant this month is listed as publicly known at the time of