Apple's latest macOS, High Sierra, rolls out today with plenty of nice security upgrades, including weekly firmware validation. But the new OS apparently comes with a security problem, too — a security researcher at Synack has already discovered a way to snatch passwords from High Sierra.
Tagged With security
For months, the systems of Deloitte, a consulting and accounting firm that ranks among the world's "big four", were compromised and hardly anyone knew it. According to The Guardian, the breach has been kept under wraps since it was noticed by administrators in March. The attackers were able to access information from Deloitte's major corporate and government clients in the US — all because, it appears, someone didn't use two-factor authentication.
We've seen a lot of data breaches this year: some big, some small, some that are dangerous, and some that are just embarrassing. But if we were to name one as the creepiest data breach of 2017, this leak of logins for car tracking devices might take the cake.
A while back, I woke up to find my Android phone lingering at a pattern unlock screen. Not just to unlock my screen, but a prompt to decrypt all of my phone's data. I was puzzled. Every other morning, I decrypted my device using a 10-digit, alphanumeric passphrase — something I perceived, accurately, as being infinitely more secure than tracing a dumb pattern with my finger.
An Amazon server containing roughly a gigabyte's worth of credentials and configuration files belonging to behemoth media conglomerate Viacom were discovered online and unsecured, according to UpGuard, a California-based "cyber resiliency" firm. A security researcher working for the company discovered the server flapping in the wind last month — without so much as a password between it and the public web.
YouTube's latest push to ban terrorist propaganda across its ubiquitous video platform is getting off to a rough start. Earlier this week, noted investigative reporter and researcher Alexa O'Brien woke to find that not only had she been permanently banned from YouTube, but that her Gmail and Google Drive accounts had been suspended as well. She would later learn that a reviewer who works for Google had mistakenly identified her channel, in the words of a YouTube representative, as "being dedicated to terrorist propaganda".
When the iPhone X eventually arrives in November it will come loaded with a futuristic camera module that, if all goes right, should let you securely open your phone with little more than a glance. The promise is enticing — a perfect blend of convenience and security that's hard to come by in mobile computing devices. After an impressive demo of the tech on Tuesday, we're left with a glaring question: If it works as intended, then what happens to Touch ID?
Last year, two data scientists from security firm ZeroFOX conducted an experiment to see who was better at getting Twitter users to click on malicious links, humans or an artificial intelligence. The researchers taught an AI to study the behaviour of social network users, and then design and implement its own phishing bait. In tests, the artificial hacker was substantially better than its human competitors, composing and distributing more phishing tweets than humans, and with a substantially better conversion rate.
This article is part of a series on how law enforcement is fighting crime across digital borders. You can read the rest here.
The Australian government wants new powers to access encrypted communications, but do they need them?
A New York Times investigation offered some unnerving news on Friday. Not only was the hacking of electoral systems during last year's US election "more extensive than previously disclosed," the paper reports, multiple sources say that nobody's really examining the the attacks on a state or local level. The reasons why are as complex as they are alarming.
The United States Congress recently voted to repeal a set of regulations preventing Internet Service Providers (ISP) from selling your browsing info to third parties without your permission, setting an ominous tone for the future of net neutrality worldwide. That's why VPNs have surged in popularity as one of the last lines of defense for private browsing. While there are plenty of providers to choose from, few can match what Private Internet Access brings to the table.