Google, Facebook, Twitter Ask Trump to Protect Strong Crypto
A group of powerful technology vendors and Internet firms, including Google, Twitter, Uber, Amazon, and Facebook, have sent a letter to Donald Trump’s transition team asking the president-elect to protect the use of strong encryption and consider reforms of the mass surveillance laws. The letter, written by the Internet Association, includes several pages of policy […]
Researchers Warn of BlackNurse Low-Volume DDoS Attacks
The recent wave of high-profile DDoS attacks against hosting providers, telecoms, and other targets have been among the most powerful ever seen, but researchers say there’s a relatively new DDoS technique being used by some attackers that uses much lower volumes of attack traffic and can keep even well-protected targets offline. The attack is a […]
Mozilla to Enforce Content Security by Default in Firefox
One of the many ways that attackers use to get their malicious code onto users’ machines is by using drive-by downloads. They often will compromise benign sites and use them to load malicious content in users’ browsers, and now Mozilla is making a ket change to its Firefox browser in an effort to make security […]
Yahoo Data Breach May Have Been Identified in 2014
Some Yahoo employees were aware that the company had been compromised as far back as 2014, even though Yahoo officials only disclosed the breach affecting 500 million users two months ago, the company said in a regulatory filing. The company also said that on Monday, law enforcement officials informed Yahoo that a hacker had come […]
Pindrop’s Phoneprinting Technology Addresses the $400 Million Fraud Problem
Analysts at Aite Group have identified five key security and service steps that legacy solutions are failing to perform. These are the features that are keeping Caller ID, KBA, and voice biometrics from being viable anti-fraud and authentication solutions for the contact center. With 61% of account takeovers traced back to the contact center, this […]
Google to Label Some Sites as Malicious Repeat Offenders
Google is planning to make life a little more difficult for some site owners who host malware, by adding new warnings to its Safe Browsing system to let users know that the sites are known to repeatedly add and remove malicious content to try and trick Google’s system. The company’s Safe Browsing system is used […]
House Lawmakers to Look at Mirai Botnet DDoS Attacks
A pair of House subcommittees are planning to hold a joint hearing to look at the role that IoT devices have played in a number of recent DDoS attacks. Much of the high-profile DDoS activity that’s taken place lately has been attributed to the Mirai botnet, a series of networks made up of compromised embedded devices. […]
WebView Bug Can Force iPhones to Make Calls
A bug in the way that iOS WebView handles some kinds of links can be used to force a victim’s iPhone to call a number controlled by an attacker, such as a premium-rate number, a security researcher has found. The vulnerability lies in the way that WebView treats some links, specific phone number links in apps. […]
Tesco Bank Refunds £2.5 Million, Restores Online Service After Attack
Two days after suspending all online payments following an attack, Tesco Bank in the U.K. has resumed full service and bank officials say they have refunded about £2.5 million to customers affected by the incident. The exact nature of the attack on the bank’s customers still isn’t clear, but last weekend many Tesco customers reported that significant amounts of […]