Mozilla Wants to Build an Open Voice Engine
With manufacturers weaving voice control into a wide variety of devices, from phones to cars to home assistants, the accuracy of the voice-recognition engines in those products is becoming vital. Mozilla is hoping to help improve that accuracy with the release of its new Common Voice project. The new initiative is a response to the […]
Preventing Forgery With Paper Fingerprinting
In a new study out from a UK based research team, scientists have discovered an inexpensive and easy-to-use way to validate the authenticity of any paper document solely by taking a picture of it with a camera. Capturing the random interweaving of the wooden particles that are used to make up paper, the research team […]
The Joy and Pain of RSA Week
It’s that time of year again, when the security industry looks westward with a mixture of anxiety, dread, and expense-account induced giddiness: RSA week. When people who have never been to the RSA Conference before ask me what to expect, I never have a good answer. A lot of it depends on what your job […]
Yahoo Data Breach Highlights Defender’s Disadvantage
For the second time in less than three months, Yahoo has disclosed a massive data breach, and this is one for the record books. The company said more than one billion accounts are affected by the breach, and Yahoo officials still aren’t exactly sure how the attackers got in. On Wednesday evening, Yahoo CISO Bob […]
Dozens Arrested in Huge European Online Fraud Raid
Law enforcement officials in 10 countries conducted sweeping raids Monday on what they is a distributed, organized cybercrime ring that has been conducting online fraud operations across Europe and have stolen more than €3.5 million. The raids were coordinated by Europol and involved authorities in the U.K., Spain, Portugal, France, Ireland, and several countries, and resulted […]
Visa and Intel Collaborate on IoT Payment Security
As the security of IoT devices has become more and more of a problem, Visa and Intel are forming an alliance to make payments from those devices more secure and trustworthy. The partnership has two separate components: adding Visa’s encryption technology to devices that use Intel’s chipsets, and hardware-level device authentication to ensure that payments are […]
On the Wire Podcast: Jessy Irwin
Jessy Irwin makes her triumphant return to the podcast to help us work through our feelings about the Yahoo data breach, the NIST guidance on SMS two-factor authentication, and why we’re still giving terrible security advice to users. Dennis Fisher and Jessy also talk about what kind of breaches could be lurking on the horizon […]
68 Million Hashed Dropbox Passwords Dumped Online
The scope of a compromise of Dropbox four years ago that the company initially said only involved customer email addresses being stolen has now expanded, with more than 68 million user passwords dumped online. The cache comprises passwords that are hashed with either SHA-1 or bcrypt and none of them are in plaintext. When Dropbox […]
Google Login Issue Allows Credential Theft
Attackers can add an arbitrary page to the end of a Google login flow that can steal users’ credentials. or alternatively, send users an arbitrary file any time a login form is submitted, due to a bug in the login process. A researcher in the UK identified the vulnerability recently and notified Google of it, […]