Privacy and Security Fanatic
Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.
Dow Jones watchlist of high-risk businesses, people found on unsecured database
A Dow Jones watchlist of 2.4 million at-risk businesses, politicians, and individuals was left unprotected on public cloud server.
Ransomware attacks hit Florida ISP, Australian cardiology group
Ransomware attacks might be on the decline, but that doesn't mean we don't have new victims. A Florida ISP and an Australian cardiology group were hit recently.
Bare-metal cloud servers vulnerable to Cloudborne flaw
Researchers warn that firmware backdoors planted on bare-metal cloud servers could later be exploited to brick a different customer’s server, to steal their data, or for ransomware attacks.
Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users
Flaws in Bigscreen could allow 'invisible Peeping Tom' hackers to eavesdrop on Bigscreen VR users, to discreetly deliver malware payloads, to completely control victims' computers and even to start a worm infection spreading through...
North Korean hackers target Russian-based companies
The North Korean Lazarus APT group is going after the Russians. Russian hackers, however, needed less than 20 minutes in 2018 to completely pwn an organization.
2.7M recorded medical calls, audio files left unprotected on web
Every call made to 1177 Swedish Healthcare Guide service since 2013, and answered by the subcontractor Medicall, was stored on an unprotected server.
Disastrous cyber attack on email provider wipes US servers and backups
A cyber attack on email provider VFEmail caused “catastrophic destruction,” with hackers wiping the servers and backups.
Popular electric scooters can be remotely hacked
Researchers warned that Xiaomi M365 scooters can be remotely hacked from 100 meters away to slam on the brakes or to accelerate.
Android phones can be hacked remotely by viewing malicious PNG image
Android users are being told to patch their Android OS Nougat (7.0), Oreo (8.0) and Pie (9.0) as soon as updates are available after a bug related to PNG images was found.
Vendor allegedly assaults security researcher who disclosed massive vulnerability
A security researcher alleges the COO of Atrient assaulted and threatened him after disclosing a massive vulnerability in an Atrient product.
Nest Secure had a secret microphone, can now be a Google Assistant
The Nest Secure system had secret microphone that can now make the Nest Guard security hub double as Google Assistant device.
Hijacked Nest devices highlight the insecurity of the IoT
Internet of Things (IoT) devices, such as Nest cameras and thermostats, continue to be hacked. To prevent that, follow smart password practices and turn on 2FA.
Facebook secretly paid users $20 a month to use VPN spying app
After it was revealed that Facebook secretly paid people to use the Facebook Research VPN app, the social media site pulled the iOS version. But the Android version will continue.
Apple disables Group FaceTime after eavesdropping bug discovered
A bug in Apple's Group FaceTime made eavesdropping easy. A patch is expected this week.
Top security and privacy TED Talks from 2018
IoT security, insecure software, and data privacy are among the top security and privacy TED talks from 2018.
Privacy groups blast Google, IAB over data leak via ad auctions
New evidence to an ongoing GDPR complaint shows how ad categories used by Google and the Internet Advertising Bureau (IAB) profile you and apply potentially sensitive labels to you.
Millions of financial records leaked from server not protected by password
Another day, another massive leak blamed on failing to password-protect a server. This time it's sensitive financial data in an Elasticsearch database.
Hijacked Nest camera blares warning about North Korean missiles headed to U.S.
A hacker hijacked a Nest security camera and blasted a warning about three North Korean intercontinental ballistic missiles headed to Los Angeles, Chicago, and Ohio.
Data from smartwatch provided ‘key evidence’ against hitman
Police used data from a Garmin GPS watch to help get a man convicted for killing a crime boss known as Mr. Big.
Police can't force you to unlock your phone with face, finger or any biometrics
A judge in California ruled that law enforcement officials can’t force people to unlock their smartphones with a finger or thumbprint, facial recognition, or even an iris.
