PINDROP BLOG

Category: Privacy

April 7, 2016
Apple Fixes Passcode Bypass Flaw in iOS 9.3.1
Apple has fixed a serious vulnerability in iOS that allowed any user to access the contacts and some other information on some iPhone models when they were locked. The bug was the result of a problem in the way that iOS 9.3.1 handled some commands through Siri. In some specific cases, an attacker with access…
Read More →
April 5, 2016
Former Exploit Broker: ‘Market is Misrepresented’
ORLANDO–The buying and selling of exploits for zero-day vulnerabilities in software is perhaps the most controversial topic in the security community over the last few years, but the CEO of a company that used to be one of the main players in that world said the market is misunderstood and not the hive of evil…
Read More →
April 4, 2016
How the Focus on Technology is Undermining Security
ORLANDO–It’s accepted as fact that many of the compromises and data breaches that make headlines and cost CSOs their jobs are accomplished through the use of known vulnerabilities and old techniques. These problems are fixable, but throwing money and technology at them is not the right answer, experts say. The security industry is experiencing an…
Read More →
April 1, 2016
Crypto Debate is About Power and Authority, Experts Say
Building devices and communications infrastructure that are resistant to compromise and surveillance has become an imperative in today’s environment, but it’s work that can run into roadblocks from government. The most pertinent current example is the encryption debate, and security experts say the security and privacy of users depends on the outcome of the conflict. The…
Read More →
April 1, 2016
FBI’s Mystery iPhone Technique at Center of Discussion
Apple has just released a new version of iOS, and it contains a number of important security fixes, notably one for a bug in iMessage. But there is at least one known vulnerability that isn’t patched in this version, and it’s in the hands of the FBI. The details of the flaw aren’t known, and…
Read More →
March 31, 2016
Wyden: ‘Plans to Weaken Strong Encryption Are a Double Loser’
Sen. Ron Wyden, who has been perhaps the most outspoken legislator on the topic of encryption, privacy, and government intervention in technology, said he will “use every power I have as senator” to prevent lawmakers from passing laws that weaken encryption. Wyden (D-Ore.) spoke Tuesday at RightsCon, a conference on digital rights and privacy, and…
Read More →
March 30, 2016
On the Wire Podcast: Mike Mimoso on the Apple-FBI Case
Dennis Fisher talks with Mike Mimoso of Threatpost about the details of Apple’s legal and PR battle with the FBI and federal government. The case involves a lot of oddities, including the FBI’s choice to play it out in public, why the FBI didn’t seek help from forensics experts, and why the government decided that…
Read More →
March 29, 2016
New Florida Law Exempts Agencies From Reporting Some Breach Details
Florida’s governor has signed a bill that allows state agencies not to release details of data breaches and security audits if that information would “facilitate the unauthorized access, modification, disclosure or destruction of data”. The new law, which went into effect on Friday, requires that agencies still release details of breaches to a group of state law…
Read More →
March 29, 2016
Apple Case May Cast a Long Shadow
Now that the Department of Justice has withdrawn its lawsuit against Apple in the case concerning the San Bernardino shooter’s iPhone, it’s clear that the legal and media battles of the last month and a half have produced more questions than they’ve answered. Chief among those remaining questions is this: What was the point? The…
Read More →
March 28, 2016
Facebook Testing Anti-Impersonation Feature
Phishing and account takeover attacks take many forms, especially on massive platforms such as Twitter or Facebook, and defending against them is a tall order. Facebook has tried a number of tactics over the years, and now the company is testing a new feature that will detect and warn users when someone else is trying…
Read More →
Webinar: TACKLING THE 113% FRAUD INCREASE IN CALL CENTERS