RECENT ARTICLES
Security bugs let these car hackers remotely control a Mercedes-Benz
Few could ever forget back in 2015 when security researchers Charlie Miller and Chris Valasek remotely on a highway with a Wired reporter at the wheel.Since then, the car hacking world has bustled with security researchers looking to find new bugs — and ways to exploit them — in a new wave of internet-connected cars that have only existed the past decade.This year’s Black Hat security conference — albeit virtual, thanks to the coronavirus pandemic — is no different.Security researchers at the Sky-Go Team, the car hacking unit at Qihoo 360, found more than a dozen vulnerabilities in a...…Few could ever forget back in 2015 when security researchers Charlie Miller and Chris Valasek remotely on a highway with a Wired reporter at the wheel.Since then, the car hacking world has bustled with security researchers looking to find new bugs — and ways to exploit them — in a new wave of internet-connected cars that have only existed the past decade.This year’s Black Hat security conference — albeit virtual, thanks to the coronavirus pandemic — is no different.Security researchers at the Sky-Go Team, the car hacking unit at Qihoo 360, found more than a dozen vulnerabilities in a...WW…
Amazon says police demands for customer data have gone up
Amazon has said the number of demands for user data made by U.S. federal and local law enforcement have increased more during the first half of 2020 than during the same period a year earlier.The disclosure came in the company’s , published Thursday.The figures show that Amazon received 23% more subpoenas and search warrants, and a 29% increase in court orders compared to the first half of 2019. That includes data collected from its Amazon.com retail storefront, Amazon Echo devices and its Kindle and Fire tablets.Breaking those figures down, Amazon said it received:The number of requests to...…Amazon has said the number of demands for user data made by U.S. federal and local law enforcement have increased more during the first half of 2020 than during the same period a year earlier.The disclosure came in the company’s , published Thursday.The figures show that Amazon received 23% more subpoenas and search warrants, and a 29% increase in court orders compared to the first half of 2019. That includes data collected from its Amazon.com retail storefront, Amazon Echo devices and its Kindle and Fire tablets.Breaking those figures down, Amazon said it received:The number of requests to...WW…
Alcohol delivery service Drizly hit by data breach
Online alcohol delivery startup Drizly has told customers that it was hit by a data breach.In an email to customers, obtained by TechCrunch, the company said that a hacker “obtained” some customer data. The hacker took customer email addresses, date-of-birth, passwords hashed using the stronger bcrypt algorithm and, in some cases, delivery address, the email read.As many as 2.5 million Drizly accounts are believed to have been stolen. TechCrunch obtained a portion of the data, including several accounts of Drizly staff members. We verified the data against public records. The portion of...…Online alcohol delivery startup Drizly has told customers that it was hit by a data breach.In an email to customers, obtained by TechCrunch, the company said that a hacker “obtained” some customer data. The hacker took customer email addresses, date-of-birth, passwords hashed using the stronger bcrypt algorithm and, in some cases, delivery address, the email read.As many as 2.5 million Drizly accounts are believed to have been stolen. TechCrunch obtained a portion of the data, including several accounts of Drizly staff members. We verified the data against public records. The portion of...WW…
CBP says it's "unrealistic" for Americans to avoid its license plate surveillance
has admitted that there is no practical way for Americans to avoid having their movements tracked by its license plate readers, according to its latest privacy assessment.CBP published — three years after its first — to notify the public that it plans to tap into a commercial database, which aggregates license plate data from both private and public sources, as part of its border enforcement efforts.The U.S. has a massive network of license plate readers, typically found on the roadside, to collect and record the license plates of vehicles passing by. License plate readers thousands of...…has admitted that there is no practical way for Americans to avoid having their movements tracked by its license plate readers, according to its latest privacy assessment.CBP published — three years after its first — to notify the public that it plans to tap into a commercial database, which aggregates license plate data from both private and public sources, as part of its border enforcement efforts.The U.S. has a massive network of license plate readers, typically found on the roadside, to collect and record the license plates of vehicles passing by. License plate readers thousands of...WW…
TikTok says it saw a rise in government demands for user data
Late last year, TikTok’s parent company ByteDance joined the raft of American tech giants that publish the number of government demands for user data and takedown requests by releasing its own numbers. The move was met with heavy skepticism, amid concerns about the app maker’s links to China, and accusations that to U.S. national security, a claim it has repeatedly denied.In its second and most recent transparency report, published today, TikTok said it received 500 total legal demands, including emergency requests, from governments in the first half of the year, up 67% on the previous...…Late last year, TikTok’s parent company ByteDance joined the raft of American tech giants that publish the number of government demands for user data and takedown requests by releasing its own numbers. The move was met with heavy skepticism, amid concerns about the app maker’s links to China, and accusations that to U.S. national security, a claim it has repeatedly denied.In its second and most recent transparency report, published today, TikTok said it received 500 total legal demands, including emergency requests, from governments in the first half of the year, up 67% on the previous...WW…
How Have I Been Pwned became the keeper of the internet's biggest data breaches
launched in late 2013, he wanted it to answer a simple question: Have you fallen victim to a data breach?Seven years later, the data-breach notification service processes thousands of requests each day from users who check to see if their data was compromised — or pwned, with a hard “p” — by the hundreds of data breaches in its database, including some of the largest breaches in history. As it has grown, now sitting just below the 10 billion breached-records mark, the answer to Hunt’s original question is more clear.“Empirically, it’s very likely,” Hunt told me from his home on Australia’s...…launched in late 2013, he wanted it to answer a simple question: Have you fallen victim to a data breach?Seven years later, the data-breach notification service processes thousands of requests each day from users who check to see if their data was compromised — or pwned, with a hard “p” — by the hundreds of data breaches in its database, including some of the largest breaches in history. As it has grown, now sitting just below the 10 billion breached-records mark, the answer to Hunt’s original question is more clear.“Empirically, it’s very likely,” Hunt told me from his home on Australia’s...WW…
US government agency warns of fresh Palo Alto VPN security flaw
The U.S. government is warning that foreign nation-state hackers will “likely attempt” to exploit a new “critical”-rated security vulnerability found in a number of widely used Palo Alto Networks’ network appliances, which if exploited could allow an attacker to break into a company’s network with relative ease.That’s from US Cyber Command, a division of the Dept. of Defense and former sister-agency to the NSA, which said enterprises should patch their vulnerable devices as soon as possible.Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use....…The U.S. government is warning that foreign nation-state hackers will “likely attempt” to exploit a new “critical”-rated security vulnerability found in a number of widely used Palo Alto Networks’ network appliances, which if exploited could allow an attacker to break into a company’s network with relative ease.That’s from US Cyber Command, a division of the Dept. of Defense and former sister-agency to the NSA, which said enterprises should patch their vulnerable devices as soon as possible.Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use....WW…
A domestic violence help app backed by Dr. Phil exposed victims' distress recordings
Back in 2013, Robin McGraw, wife of U.S. television personality Dr. Phil, launched an app to help domestic violence victims covertly signal for distress. It was quickly heralded as for those in harm’s way., which claims , is disguised to look like an innocuous news reading app that domestic violence victims can use to alert friends and family to abuse or danger. When a victim taps the top bar of the app three times, the app can alert trusted contacts with a prewritten message, a prerecorded voice note and the victim’s precise location by text message to indicate that they need help or are...…Back in 2013, Robin McGraw, wife of U.S. television personality Dr. Phil, launched an app to help domestic violence victims covertly signal for distress. It was quickly heralded as for those in harm’s way., which claims , is disguised to look like an innocuous news reading app that domestic violence victims can use to alert friends and family to abuse or danger. When a victim taps the top bar of the app three times, the app can alert trusted contacts with a prewritten message, a prerecorded voice note and the victim’s precise location by text message to indicate that they need help or are...WW…
Apple's iOS 14 will give users the option to decline app ad tracking
A new version of iOS wouldn’t be the same without a bunch of security and privacy updates. Apple on Monday announced a ton of new features it’ll bake into iOS 14, expected out later this year with the release of new iPhones and iPads.Apple said it will allow users to share your approximate location with apps, instead of your precise location. It’ll allow apps to take your rough location without identifying precisely where you are. It’s another option that users have when they give over their location. Last year, Apple allowed users to so that apps can’t track a person as they go about their...…A new version of iOS wouldn’t be the same without a bunch of security and privacy updates. Apple on Monday announced a ton of new features it’ll bake into iOS 14, expected out later this year with the release of new iPhones and iPads.Apple said it will allow users to share your approximate location with apps, instead of your precise location. It’ll allow apps to take your rough location without identifying precisely where you are. It’s another option that users have when they give over their location. Last year, Apple allowed users to so that apps can’t track a person as they go about their...WW…
Oracle's BlueKai tracks you across the web. That data spilled online
wondered why online ads appear for things that you were just thinking about?There’s no big conspiracy. Ad tech can be creepily accurate.Tech giant Oracle is one of a few companies in Silicon Valley that has near-perfected the art of tracking people across the internet. The company has spent a decade and billions of dollars buying startups to build its of users’ web browsing data.One of those startups, BlueKai, which Oracle bought in 2014, is barely known outside marketing circles, but it amassed one of the largest banks of web tracking data outside of the federal government.BlueKai uses...…wondered why online ads appear for things that you were just thinking about?There’s no big conspiracy. Ad tech can be creepily accurate.Tech giant Oracle is one of a few companies in Silicon Valley that has near-perfected the art of tracking people across the internet. The company has spent a decade and billions of dollars buying startups to build its of users’ web browsing data.One of those startups, BlueKai, which Oracle bought in 2014, is barely known outside marketing circles, but it amassed one of the largest banks of web tracking data outside of the federal government.BlueKai uses...WW…