Category: Uncategorized
You are here: Home \ Uncategorized
Lenovo has patched two serious vulnerabilities that hackers could abuse in targeted attacks, or at scale, to easily guess administrator passwords on a compromised device, or elevate privileges to Windows SYSTEM user. The vulnerabilities were patched last Thursday by the manufacturer and details were disclosed Tuesday by researchers at IOActive, who privately reported the flaws...
A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed 10 days ago. Researcher Randy Westergren found and reported an issue in United’s mobile app in May, shortly after the airline announced its bug bounty program, the...
eDellroot is not the only self-signed trusted root certificate on Dell computers. Researchers at Duo Security found two more on a Dell Inspiron 14-inch laptop purchased by Darren Kemp, one of its researchers who is based in Calgary, Canada, including one cert related to eDellroot that also ships with a corresponding private key, and a...
Thousands of cable modems manufactured by the Georgia-based telecom Arris suffer from a series of issues: XSS and CSRF vulnerabilities, hard-coded passwords, and what a researcher is calling a backdoor in a backdoor. Brazilian researcher Bernardo Rodrigues stumbled upon the issues several months ago while researching cable modem security for a conference and disclosed them...
12 November 2015 - 10:43, by , in Uncategorized, No comments
If you were born in California since 1983, the state owns your DNA. The data of every Californian born since that year is kept in a bland office building in Richmond, a city located in the eastern section of the San Francisco Bay Area. That data’s not just passively kept, mind you: it’s also being...
12 November 2015 - 10:31, by , in Uncategorized, No comments
Microsoft’s new plan to keep the US government’s hands off its customers’ data: Germany will be a safe harbor in the digital privacy storm. Microsoft on Wednesday announced that beginning in the second half of 2016, it will give foreign customers the option of keeping data in new European facilities that, at least in theory,...
11 November 2015 - 21:48, by , in Uncategorized, No comments
US federal prosecutors, on Tuesday, unveiled criminal charges against three men accused of orchestrating the biggest theft of customer data from financial institutions in the country’s history – encompassing personal data belonging to more than 100 million people. Unsealing a 23-count indictment in Manhattan, the Justice Department charged Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein with computer hacking...
11 November 2015 - 10:44, by , in Uncategorized, No comments
Max Schrems must be pleased. He who rose up from the ranks of Facebook’s privacy-ravaged users to file complaints against what he said was Facebook’s illegal data collection/retention, and is now witnessing the fruits of his labor. Or, as he tweeted in response to the Belgian court giving Facebook 48 hours to stop tracking those without...
10 November 2015 - 11:01, by , in Uncategorized, No comments
A 15-year-old schoolboy arrested and questioned over the TalkTalk cyberattack is suing three UK newspapers over alleged breach of privacy. Lawyers for the teenager, who’s from Northern Ireland, told the court that the boy was recognizable in the newspapers’ coverage, even though the publications altered his image. According to the Irish Independent, his lawyers said...
10 November 2015 - 10:56, by , in Uncategorized, No comments
A fugitive is back in custody having spent a year posting selfies onto Facebook showing his tanned mug and his beachside hideaway. Nick Grove’s 2014 escape from jail, by scaling a barbed-wire fence, would have been worthy of being the next Jason Bourne movie if only he’d been followed around by a Hollywood production staff...