PINDROP BLOG

Author: Dennis Fisher

September 14, 2017 | Dennis Fisher
Senator Seeks Privacy Answers on Face ID
As tech enthusiasts pore over the design details of the iPhone X and swoon at the thought of a quarter-inch more screen space, some lawmakers are asking Apple for more details about the way the phone’s new Face ID authentication system works and what might be done with users’ faceprints. Face ID is the biggest…
Read More →
September 13, 2017 | Dennis Fisher
Privacy Advocates Urge Better Protection for Financial Data
Privacy advocates are urging Congress to make major changes to the security and privacy guidance given to financial companies, and make breach notifications mandatory. In a statement sent to the leaders of the Senate Committee on Banking, Housing, and Urban Development the Electronic Privacy Information Center asked the committee to adjust the rules governing the…
Read More →
September 12, 2017
BlueBorne Attack Threatens IoT Devices
Researchers have developed a new attack against Bluetooth-enabled devices that takes advantage of the fact that these devices are always listening for connections and can be used by attackers to connect to nearby devices and then exploit one of several new vulnerabilities in the protocol to compromise the devices. The attack is known as BlueBorne…
Read More →
September 12, 2017 | Dennis Fisher
We’ve Reached Peak Data Breach
It would seem that data breaches have now reached their logically absurd peak. The compromise of Equifax, revealed last Thursday evening, is the kind of incident you get when attackers get bored of stealing cases of bottled water and decide to steal the entire mountain spring instead. As reported by Bloomberg, the breach affects the…
Read More →
September 11, 2017 | Dennis Fisher
Overlay Attack Threatens Many Android Users
A vulnerability in nearly all of the current versions of Android can be used by attackers to execute an overlay attack to trick users into installing malware, ransomware, or other malicious apps. The flaw affects most of the Android devices in use right now, except for those that have been updated to Oreo, the newest…
Read More →
September 7, 2017 | Dennis Fisher
Using Inaudible Voice Commands to Control Siri and Alexa
Researchers have developed a method for sending human-inaudible ultrasonic voice commands to voice-enabled assistants such as Alexa, Siri, and Google Assistant that could be used to force the assistants to visit attacker-controlled websites or take control of other connected smart devices. The technique is known as DolphinAttack and was developed by academic researchers at Zhejiang…
Read More →
September 6, 2017 | Dennis Fisher
Apache Fixes Critical Remote Flaw in Struts Framework
A severe remote code execution vulnerability has been sitting unnoticed in the Apache Struts web-app development framework for nine years, a flaw that researchers say threatens critical systems in banks, airlines, and many other organizations. The vulnerability lies in the way that the Struts framework handles untrusted data and researchers at lgtm, the company that…
Read More →
September 5, 2017 | Dennis Fisher
Phone, Email Scams Follow Hurricane Harvey
There is no tragedy or natural disaster that scammers and criminals won’t stoop to exploit, and the aftermath of Hurricane Harvey is proving to be no exception. Authorities at the FTC, the FBI, and US-CERT are warning consumers about a variety of phone and email scams in which fraudsters are using charitable donations or other…
Read More →
September 5, 2017 | Dennis Fisher
Facebook Adware Seen Stealing Users’ Access Tokens
The adware attack campaign that was spreading through Facebook Messenger late last month was enabled by the use of fake Chrome extensions and also stole victims’ Facebook access tokens. The campaign began spreading in the last couple of weeks of August through the use of Messenger messages that included the recipient’s name and a shortened…
Read More →
August 30, 2017 | Dennis Fisher
Scammers Impersonate IRS and FBI in New Ransomware Attack
The IRS and the FBI are warning consumers about a new phishing campaign that impersonates both of those agencies in an effort to collect victims’ personal information through a fake questionnaire. The phishing attack uses an email template that includes the seals of both the FBI and the IRS and it plays on people’s fear…
Read More →
Webinar: TACKLING THE 113% FRAUD INCREASE IN CALL CENTERS