PINDROP BLOG

Category: Identity

March 28, 2017
Congress Asks FCC for Urgent Action on Mobile Security
Congressional leaders are continuing to pressure federal agencies to address shortcomings in the security of the telecommunications infrastructure, specifically to warn consumers about weaknesses that can open them up to remote surveillance. In a letter sent Tuesday, Rep. Ted Lieu and Sen. Ron Wyden asked FCC Chairman Ajit Pai to take “swift action” to resolve…
Read More →
March 27, 2017
Another Critical Bug Hits LastPass
A few days after LastPass released a fix for some critical security flaws in its extensions for Chrome and Firefox, a researcher has identified a new vulnerability in the browser extension that allows an attacker to get full code execution on a target machine. The details of the new bug are not public yet, but…
Read More →
March 7, 2017
Nest Adds Two-Step Verification for Users
Nest, maker of smart home thermostats and other devices, is adding two-step verification to its authentication process, making it more difficult for attackers to take over users’ devices. The company said on Tuesday that it is implementing the ability for users to require a short code sent by SMS as part of the sign-in process…
Read More →
February 13, 2017
The Joy and Pain of RSA Week
It’s that time of year again, when the security industry looks westward with a mixture of anxiety, dread, and expense-account induced giddiness: RSA week. When people who have never been to the RSA Conference before ask me what to expect, I never have a good answer. A lot of it depends on what your job…
Read More →
January 24, 2017
Lavabit Launches New Encrypted Email System
Lavabit, the secure email service that shut down in 2013 rather than turn over the encryption key for a user account to the federal government, has reemerged with a new encrypted mail offering based on a standard developed by the company. It’s been more than three years since Lavabit founder Ladar Levison decided to end the…
Read More →
January 10, 2017
Foreign Government Blamed for Anthem Data Breach
Attackers backed by a foreign government were behind the attack that compromised health insurance company Anthem in 2015, a breach that compromised the information of more than 78 million people, according to the findings of an investigation into the attack. The Anthem data breach is one of the larger health cae-related incidents ever in the United…
Read More →
December 22, 2016
Call Centers a Soft Target for Fraudsters
The fraud schemes that consumers and businesses face every day are the end result of a lot of research, work, and planning on the part of the criminals who perpetrate them. There are a lot of moving pieces in the background that victims never see, and often the schemes involve many intermediate steps before a…
Read More →
December 21, 2016
On the Wire Podcast: Michael Tiffany
Cybercriminals depend upon the income they generate from their schemes to fund further operations, and one of the main ways that they extract money from victims is through ad fraud. This week, researchers at White Ops disclosed the existence of the Methbot ad fraud network, which is using a sophisticated worldwide infrastructure and custom browsers…
Read More →
December 20, 2016
Mobile Wallets Present New Opportunities for Fraud
One of the great things about the advanced mobile devices everyone carries now is that they serve so many different purposes. They’re encyclopedias, world maps, communications devices, and now they’ve evolved to become wallets, too. But as convenient as mobile wallet technology is, it carries with it some unique threats and risks for both consumers…
Read More →
December 15, 2016
Yahoo Data Breach Highlights Defender’s Disadvantage
For the second time in less than three months, Yahoo has disclosed a massive data breach, and this is one for the record books. The company said more than one billion accounts are affected by the breach, and Yahoo officials still aren’t exactly sure how the attackers got in. On Wednesday evening, Yahoo CISO Bob…
Read More →