Data Security

A major security flaw called CVE-2018-8897 was identified earlier this year in operating systems running Intel processors, which affected Microsoft, Apple, and Linux distributions. While you may not remember the name of this flaw, you will remember hearing about it. But its name and what it does matters. There is just too much information, and that makes for a hacker's paradise. For sure, CVE-2018-8897 is...

The cyber world, much like the real one, is filled with trade-offs and compromises. For instance, a VPN (virtual private network) may offer more privacy and security, but it can be a drag on your connection speed. Apple champions privacy, but plans obsolescence; you can’t replace a battery in an iPhone or upgrade your hardware without buying an entirely...

Assuming this is not a case where other shoes will be dropping with the thud of carefully manipulated damage control, MyHeritage did everything right. First, they were urgent. They released news of the event the day they found out that 92,283,889 user email addresses coupled with hashed passwords associated with personal MyHeritage accounts had been found on an outside...

At least four Chinese manufacturers had unfettered access to Facebook’s user data, thus joining the ranks of Cambridge Analytica, Blackberry, Apple, Amazon, Samsung and many, many other companies. This latest overshare on the part of Facebook dates back to a 2007 initiative that targeted roughly 60 device manufacturers in an effort to herd mobile phone users onto the Social...

You know the what digital transformation is, even if you haven't heard the term before (hint: it's been happening since the late 1990s). Yes, that digital transformation. To be sure, there have been significant advances on many fronts, butdata security isn't always--or even often--one of them. Companies are radically changing how they assemble and deploy business networks. Legacy systems are getting melded onto cloud services, in a...

The FBI has advised owners of internet routers worldwide to reboot their devices in order to disrupt and help better identify a malware-driven botnet called VPNFilter. "Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware," the...

KnowB4’s chief hacking officer Kevin Mitnick released a video that should send shudders down the spine of anyone using 2-factor authentication. Implementing a standard attack mode, in this case a spoofed invitation to connect from LinkedIn, Mitnick demonstrates how a hacker can bypass the multi-factor authentication by dint of session recording malware. This hack captures all the information needed for an account takeover:...

It doesn’t matter how many times you tell employees not to share passwords. A new study suggests many people are still going to do it. The 2018 Privileged Access Threat Report, recently published by Bomgar, a leader in identity and access management solutions for privileged users. The study is global, taking a look at employees, independent contractors, and third-party...

With all of the headlines about potential vulnerabilities and hacks through IoT-enabled devices, there’s a much more prevalent way to get got. The inherent risks of a hack or service-provider compromise connected to common digital devices are known. Consumers are willing to accept these risks in exchange for the convenience offered by those devices. So, it should be no...

Google’s email platform has more than a billion active monthly users as of the last count in February 2016, which is why the recent discovery of a Gmail vulnerability should be cause for concern for the entire Internet. The exploit uses a feature called “dots don’t matter,” which ironically was developed by Google as a security measure. In the simplest...