In This Section

PINDROP BLOG

Category: Hacking

October 4, 2016
Open Whisper Systems Makes the Case Against Data Retention
The continued success of the modern web relies on nothing so much as data, great roiling rivers of information produced by billions of users and trawled constantly by the network’s insatiable predators. They take in and store as much of that data as possible, and dissect, analyze, and categorize it every which way from Sunday.…
Read More →
September 30, 2016
Hack iOS 10 and Get $1.5 Million
The stakes in the vulnerability acquisition and bug bounty game have just gone up several notches, with a well-known security startup now offering $1.5 million for a remote jailbreak in iOS 10. The payout was put on the table Thursday by Zerodium, a company that buys vulnerabilities and exploits for high-value target platforms and applications. The company…
Read More →
September 28, 2016
Senators Demand Answers of Mayer on Yahoo Data Breach
Six Democratic senators are demanding answers from Yahoo CEO Marissa Mayer about the massive data breach that the company disclosed last week. The legislators want to know when Yahoo discovered the breach, which occurred in 2014, and why it took so long to disclose it to the public. The Yahoo data breach involves information from…
Read More →
September 28, 2016
Facebook Releases Osquery Network Detection Tool for Windows
Facebook has released a new tool that allows administrators and security teams to search for malicious processes, browser extensions, or other problematic issues on their Windows networks. The tool, called osquery, has been available for a couple of years for Linux and OS X environments, but now Facebook engineers have published a Windows version. It’s…
Read More →
September 27, 2016
‘Putting in a Back Door Isn’t the Solution’ to Encryption Debate
Rep. Michael McCaul, the chairman of the House Committee on Homeland Security, said forcing vendors to install backdoors or intentionally weakened encryption in their products is not the solution to the disagreement over law enforcement access to encrypted devices and said there needs to be international standards for how the problem is handled. McCaul (R-Texas), speaking…
Read More →
September 27, 2016
Google Releases Tools to Improve CSP Protection for Web Apps
Google is releasing a pair of new tools to help developers create and implement safer content security policies to protect against cross-site scripting vulnerabilities in their web applications. And the company also is adding CSP adoption efforts to its bug bounty program. Content security policy is a method that enables developers to specify which scripts…
Read More →
September 26, 2016
Rooting Out Sensitive Data in Email With MailSniper
One of the more common ways for sensitive data to leak from an organization is through email. Whether intentionally or through carelessness, employees will often include passwords, financial information, and other important data in emails that wind up in the wrong hands. Depending upon the kind of information, this can either be slightly embarrassing or potentially catastrophic for…
Read More →
September 23, 2016
Researchers Say iOS 10 Backup Passwords Easy to Crack
Apple seems to have made a curious security choice in iOS 10, one that enables attackers to brute force the password for a user’s local backup 2,500 times faster than was possible on iOS 9. Researchers at Elcomsoft, a Russian security company, discovered the issue, which is related to the choice of hashing algorithm in…
Read More →
September 22, 2016
500 Million Users Affected by Yahoo Data Breach
Yahoo today confirmed that state-sponsored attackers compromised the company’s network in 2014, stealing data belonging to 500 million users. The stolen data includes names, email addresses, phone numbers, hashed passwords, dates of birth, and security questions and answers, some of which were unencrypted. Yahoo officials said it doesn’t believe that bank account data, payment card…
Read More →
September 21, 2016
Nearly All Top Global Companies Have Leaked Credentials Online
Many CSOs live in fear of waking up to an email reporting a data breach at their company, but the threat to an enterprise isn’t limited to a compromise of that specific organization. A new report shows that there are leaked employee credentials online for 97 percent of the top 1,000 global companies, many of which…
Read More →
Introducing Pindrop® Express – Authenticate without compromise.