Zoom has risked alienating security and privacy advocates by announcing that only its premium service will feature end-to-end encryption, in order for it to comply more easily with FBI access requests. CEO, Eric Yuan, reportedly said on an analyst call yesterday that the entry-level version of the hugely popular video conferencing app would effectively not
Cyber Security
This is where news and updates on Cyber Security are published on a daily basis.
A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for lateral movement and information stealing in victim networks, including previously unreported
by Danny Bradbury Google has deleted an app from the Play Store that offered to delete Android software associated with China. The app, created by Jaipur, India-based developer OneTouch AppLabs, purported to scan Android phones for any apps with links to China. It used market research to identify apps from a named list and would
Amazon announced today it has added 12 new cargo aircraft to Amazon Air, bringing its total fleet to more than 80 aircraft, in part because of increased demand for shipments during the COVID-19 pandemic. The converted Boeing 767-300 were leased from the Air Transport Services Group. Amazon said one of the planes will begin transporting
You can now shore up your smart home security by leveraging Google’s top security offering Google has announced that its Advanced Protection Program (APP) is now available for Nest smart home devices. People could previously use their Google account with either APP or Nest devices, but not both at the same time. The update has
If you want to capture investor attention, you need a killer pitch. And that’s under normal circumstances. You’ve probably noticed that circumstances are anything but normal. With a global pandemic and the ensuing economic crisis, you’ll need to up your pitching game and get ready to bring the heat. We can help. Register today for
Almost 80% of US companies have suffered at least one cloud security breach over the past 18 months, with misconfiguration the number one concern among CISOs, according to Ermetic. The cloud security vendor commissioned IDC to interview 300 US cybersecurity leaders in organizations ranging in size from 1500 to more than 20,000 employees. The aim
Much like technology itself, the tools, techniques, and optimum processes for developing code evolve quickly. We humans have an insatiable need for more software, more features, more functionality… and we want it faster than ever before, more qualitative, and on top of that: Secure. With an estimated 68% of organizations experiencing zero-day attacks from undisclosed/unknown
by Paul Ducklin We’re absolutely delighted – delighted and proud! – to report that we won not one but two awards at last night’s European Cybersecurity Blogger Awards 2020. The awards usually take place alongside the Infosec show in London, England, but for rather obvious reasons both Infosec and the awards bash were cancelled this
French VC firm Idinvest has compiled some data about the European tech ecosystem. The firm has decided to focus on consumer tech in general, and there are some interesting trends that I’m going to break out here. You can read the full report here. The team has analyzed and surveyed 1,500 companies over multiple months.
What are some of the key things your children should know about before they make their first foray into social media? Since technology has permeated every facet of life, social media has become a daily part of it. Adults are not the only ones flocking to social sites; an increasing number of children are too.
New numbers from Canalys project a 7% drop in global PC sales, owing to financial strains. The category is one of countless impacted by the COVID-19-related shutdowns, but the group notes that the virus’s direct impact is mostly behind the industry, due to the rebounding of China’s supply chain. A resulting global recession, on the
Security experts are warning of a potential deluge of mobile SMS-based phishing (smishing) attacks as the UK’s Test and Trace service launches to mitigate a potential second wave of COVID-19 infections. The government scheme will require contact tracers to proactively reach out via email, text or phone call to anyone they believe has been in
Cybersecurity researchers today disclosed details for a new vulnerability in VMware’s Cloud Director platform that could potentially allow an attacker to gain access to sensitive information and control private clouds within an entire infrastructure. Tracked as CVE-2020-3956, the code injection flaw stems from an improper input handling that could be abused by an authenticated attacker
by Paul Ducklin A security reseacher from Delhi in India is a tidy $100,000 richer thanks to a bug bounty payout from Apple for an account takeover flaw that he discovered in the Sign in with Apple system. Bhavuk Jain, a serial bug bounty hunter, has described how he found the sort of bug that
Volkswagen Group finalized Tuesday its $2.6 billion investment into Argo AI, the Pittsburgh-based self-driving car startup that came out of stealth in 2017 with $1 billion in backing from Ford. The deal turns Argo into a global company with two customers — VW and Ford — as well as operations in the U.S. and Europe
The tech giant rewards the bug bounty hunter who found the severe flaw in its login mechanism with US$100,000 A bug bounty hunter has disclosed a severe flaw in Apple’s “Sign in with Apple” feature that, if exploited, could have allowed an attacker to hijack people’s accounts on major third-party services. According to Bhavuk Jain, any accounts
Well that didn’t last long. Apple has patched a security vulnerability that allowed hackers to build a jailbreak tool allowing deep access to the iPhone software. In a security advisory, Apple acknowledged that it had fixed the vulnerability in iOS 13.5.1, posted Monday. The technology giant credited the unc0ver team, which released the jailbreak just
The Trump administration is reportedly accelerating plans to ban Chinese students with military ties from attending university in the US, as Beijing prepares its own national security law for Hong Kong. American officials with knowledge of the discussions at the top of government told the New York Times that the long-mooted plan would involve cancelling
Modern Intel and AMD processors are susceptible to a new form of side-channel attack that makes flush-based cache attacks resilient to system noise, newly published research shared with The Hacker News has revealed. The findings are from a paper “DABANGG: Time for Fearless Flush based Cache Attacks” published by a pair of researchers, Biswabandan Panda and
by Danny Bradbury Windows 10 release 2004 is out, with a slew of new features. They include several updates to its security and privacy. Here’s what you get when you download it, as outlined in the company’s blog post. Microsoft has updated its System Guard Firmware Measurement. This feature, launched in Windows 10 1903, helps
Events in May offered support to the thesis that Africa can incubate tech with global application. Two startups that developed their business models on the continent — MallforAfrica and Zipline — were tapped by international interests. DHL acquired a minority stake in Link Commerce, a turn-key e-commerce company that grew out of MallforAfrica.com — a
The Station is a weekly newsletter dedicated to all things transportation. Sign up here — just click The Station — to receive it every Saturday in your inbox. Hi and welcome back to The Station, a newsletter dedicated to all the present and future ways people and packages move from Point A to Point B. I’m
The University of Texas at San Antonio (UTSA) is to create and lead a new federal digital research institute that will devise ways to shield America’s manufacturers from cyber-threats. In addition to assisting US industry in blocking cyber-attacks, the Cybersecurity Manufacturing Innovation Institute (CyManII) will explore how to help manufacturers achieve energy efficiency. Other areas
Apple recently paid Indian vulnerability researcher Bhavuk Jain a huge $100,000 bug bounty for reporting a highly critical vulnerability affecting its ‘Sign in with Apple‘ system. The now-patched vulnerability could have allowed remote attackers to bypass authentication and take over targeted users’ accounts on third-party services and apps that have been registered using ‘Sign in
by John Shier Criminals have been quick to adapt to the global coronavirus pandemic. Sophos threat researchers have shown how cybercriminals have taken advantage of COVID-19 in myriad ways, and the FBI has warned us about criminals profiteering with advance fee and business email compromise scams. But what’s happening on the dark web, the scene
SpaceX on Saturday launched two NASA astronauts aboard its Crew Dragon spacecraft, and the accomplishment is a tremendous one for both the company and the U.S. space agency. At a fundamental level, it means that the U.S. will have continued access to the International Space Station, without having to rely on continuing to buy tickets
Editor’s note: Get this free weekly recap of TechCrunch news that any startup can use by email every Saturday morning (7am PT). Subscribe here. Most tech companies base compensation on an employee’s local cost of living, in addition to their skills and responsibilities. The pandemic-era push to remote work seems to be reinforcing that — if
The 40-year-old one-time CEO of a Utah tech company is serving a custodial sentence after downloading over 13,000 images of child sexual abuse, bestiality, and rape. Douglas Eugene Saltsman was sentenced yesterday to 210 days in prison and 48 months of probation by Utah 3rd District Judge Douglas Hogan after being convicted on three felony charges of
Mitron (means “friends” in Hindi), you have been fooled again! Mitron is not really a ‘Made in India’ product, and the viral app contains a highly critical, unpatched vulnerability that could allow anyone to hack into any user account without requiring interaction from the targeted users or their passwords. I am sure many of you
- 1
- 2
- 3
- …
- 146
- Next Page »