News

passwords
walmart registers

hacker

IoT search engine ZoomEye cached passwords for tens of thousands of Dahua DVRs

IoT search engine ZoomEye scanned and stored Dahua DVR login credentials for anyone to find. Users should update vulnerable firmware before someone hacks the device.

spying tv

Lawmakers ask FTC to investigate smart TV privacy concerns

Two senators, alarmed about the potential of smart TVs to spy on users, asked the FTC to investigate the privacy policies and practices of smart TV manufacturers.

switch from mac to pc apple logo

Apple insider attempts to take autonomous car secrets to China

Xiaolang Zhang, an Apple hardware engineer, harvested 40 gigs of data about the Apple Car and took a server and circuit boards prior to announcing his intent to join XMotors and return to China.

abstract FinTech image of a dollar sign referencing digital transactions and potentially blockchain

Hackers steal $23.5M in cryptocurrency from 'decentralized' crypto exchange Bancor

Attackers used a compromised wallet to steal three different cryptocurrencies: $12.5 million of ether, $1 million of Pundi X, and $10 million of Bancor Network Tokens.

cockroach bug binary2

Microsoft-related bug reports up 121%, virtualization software bugs up 275%

The Zero Day Initiative saw a 33% increase in the number of bugs reported so far in 2018, which may shatter 2017's 'busiest year ever' record.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

Duty of care: Why (and how) law firms should up their security game

Lawyers have been slow to adopt modern technology — and even slower to respond to security threats. That may be changing.

gas station

Thieves hack Marathon gas station, steal $1,800 of gas

Hackers used a 'remote device' to steal 600 gallons of gas, valued at $1,800, from a prepaid Marathon gas pump in Detroit.

steal theft hacker crime laptop firewall

Sinovel Wind Group found guilty of IP theft, fined $1.5 million

While American Superconductor's data logs and stores were helpful in convicting Sinovel Wind Group of IP theft, a data loss prevention strategy could have identified the thieves' activities sooner.

collagepolarsteps

Polar fitness app exposed personal information of soldiers and spies

Reporters used the Polar fitness app's Explore API to determine GPS location data of sensitive locations, as well as names and addresses of soldiers and spies.

security threats and vulnerabilities

When an insider rides Pegasus into the dark web

An NSO Group employee, who'd worked there for only about 90 days, copied the company's Pegasus software and offered it for sale on the dark web for $50 million.

sparklers fireworks / American flag  independence day by  1200x8

Celebrate increased privacy: Supreme Court rules against warrantless location tracking

Celebrate your Fourth Amendment rights, the Supreme Court’s ruling against warrantless location tracking, and the impact that may have on technologies in the future.

bitcoin cryptocurrency

Quantum random number generator set to transform internet security

The world’s first practical quantum random number generator (QRNG) will reportedly overcome weaknesses of current encryption, revolutionizing internet security.

salted hash thumbnail final

Salted Hash Ep 34: Red Team vs. Vulnerability Assessments

This week on Salted Hash, Phil Grimes, Professional Services Lead at RedLegg, discusses why words matter, the concept of scoping for Red Teams, and shares more stories from his days in the field as we discuss tailgating and dumpster...

salted hash thumbnail final
video

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

patreon logo

No data breach at Patreon, but proactive notice caused some concern

Patreon, the membership platform that helps creators get paid for their work, sent users a letter on Monday warning them about a data breach at Typeform. But the proactive letter caused some panic, as more than a few people took it to...

privacy breach - surveilling eye at a digital keyhole in a binary wall

NSA deleting millions of phone call and text records over privacy violations

The NSA blames 'technical irregularities' in the call record data it received from telecoms for the mass purge of over 685 million phone and text message records.

Current state of privacy

Privacy breach: Home security camera footage sent to wrong person

Home security video from a Swann smart camera was sent to the wrong customer, enabling the person to see and hear activity of a different family.

reality winner nsa contractor

Reality Winner pleads guilty to revealing NSA secrets

Reality Winner, who was charged with giving a classified NSA report to the Intercept, pled guilty to sharing National Defense information.

Load More