PINDROP BLOG

Category: Authentication

January 24, 2017
Lavabit Launches New Encrypted Email System
Lavabit, the secure email service that shut down in 2013 rather than turn over the encryption key for a user account to the federal government, has reemerged with a new encrypted mail offering based on a standard developed by the company. It’s been more than three years since Lavabit founder Ladar Levison decided to end the…
Read More →
January 6, 2017
FTC Files Complaint Against D-Link Over Router, Camera Security
D-Link didn’t “take reasonable software testing and remediation measures” to protect users of its routers and IP-enabled cameras, failed to protect the private keys that sign the software on those devices, and put thousands of consumers at risk of attack, according to a new complaint brought against the technology vendor by the Federal Trade Commission. In…
Read More →
December 28, 2016
2016: Maybe Everything Wasn’t Completely Terrible
Let’s face it: 2016 has been pretty rough year. Things didn’t go all that well for humans in the last 12 months, and computers didn’t make out much better. Lots of things broke, and it seemed like whatever didn’t break was compromised, stolen, or lost. But not everything was terrible. There were some encouraging developments…
Read More →
December 22, 2016
Apple Delays Requirement for App Transport Security
Apple has pushed back a deadline for developers to support a key transport security technology in apps submitted to the company’s app stores. Officials said at the Apple Worldwide Developers Conference earlier this year that developers would have to support Apple Transport Security by the end of 2016. But on Wednesday, the company announced that…
Read More →
December 22, 2016
Call Centers a Soft Target for Fraudsters
The fraud schemes that consumers and businesses face every day are the end result of a lot of research, work, and planning on the part of the criminals who perpetrate them. There are a lot of moving pieces in the background that victims never see, and often the schemes involve many intermediate steps before a…
Read More →
December 20, 2016
Mobile Wallets Present New Opportunities for Fraud
One of the great things about the advanced mobile devices everyone carries now is that they serve so many different purposes. They’re encyclopedias, world maps, communications devices, and now they’ve evolved to become wallets, too. But as convenient as mobile wallet technology is, it carries with it some unique threats and risks for both consumers…
Read More →
December 19, 2016
Google Releases Project Wycheproof Crypto Test Suite
Google has released a new set of tests it uses to probe cryptographic libraries for vulnerabilities to known attacks. The tests can be used against most kinds of crypto algorithms and the company already has found 40 new weaknesses in existing algorithms. the tests are called Project Wycheproof, and Google’s engineers designed them to help…
Read More →
December 15, 2016
Transactional Fraud a Rising Threat For Contact Centers
The fraud landscape is a complex one, and the criminals who run these schemes have a wide variety of ruses to choose from. Which one a fraudster selects for a given attack can depend upon the target, the end goal, and the criminal’s particular talents. Almost all of these scams involve some form of social…
Read More →
December 15, 2016
Yahoo Data Breach Highlights Defender’s Disadvantage
For the second time in less than three months, Yahoo has disclosed a massive data breach, and this is one for the record books. The company said more than one billion accounts are affected by the breach, and Yahoo officials still aren’t exactly sure how the attackers got in. On Wednesday evening, Yahoo CISO Bob…
Read More →
December 2, 2016
Bugs in AirDroid App Allow Traffic Interception, Malicious Updates
AirDroid, a popular Android app used for remote management, has a number of security vulnerabilities that could allow an attacker to intercept and decrypt secure traffic and even inject a malicious app update to gain remote code execution on a target device. The main issue with the app is the use of a hard-coded encryption…
Read More →