Security news that informs and inspires

All Articles

1022 articles:

Android P to Favor Strong Biometrics

Google is incorporating a new biometric API into Android P to support the use of strong biometrics.

Biometrics

Verizon, Other Carriers, Pledge to End Sale of Location Data

Three mobile carriers said they will no longer sell customer location data to aggregators.

Privacy

GDPR-Style Privacy Regulations May Be On the Way in U.S.

Lawmakers are planning to introduce a privacy "bill of rights" that will include some elements of the new GDPR regulation.

Privacy, Government, Facebook

A Privacy Tradeoff of the macOS QuickLook Cache

A convenient feature in macOS called QuickLook can leak information about files that users preview, even in encrypted containers.

Apple

DHS, Energy Boost Security Strategy Amid Infrastructure Attacks

As nation-state actors increasingly target physical critical infrastructure, two federal agencies strategize on how to protect against national threats.

Government, Critical Infrastructure Security

Ancient Bug Haunts GnuPG-Based Encryption Tools

A bug from the 1990s allows attackers to spoof signatures on some encrypted emails in GnuPG and other tools.

Encryption

Senators Push to Require Paper Ballots to Secure Elections

A new bill would require the use of paper ballots and audits in all federal elections.

Election Security

Bug Allows Bypass of Code-Signing Tools on Macs

An issue with the way third-party tools implement Apple's code-signing API can allow malicious files to pass as legitimate ones.

Apple

Misconfigured Android Devices Open for Abuse

Android Debug Bridge is a debugging interface for developers troubleshooting faulty Android devices. Unfortunately, some vendors shipped devices with Android Debug Bridge enabled, which leaves these devices open for abuse.

Android, Mobile

Facebook Open Sources Sonar Debugging Tool

Facebook has open-sourced its internal Sonar debugging platform form Android and iOS apps development.

Facebook, Tools

Encrypt Act Blocks States From Banning Encryption

A group of lawmakers from both parties have introduced a new bill in the House of Representatives that would stop states and local governments from passing laws governing encryption. This will prevent states from passing their own laws before the federal government figures out what to do.

Legislation, Encryption

New Adobe Flash Bug Draws Attackers’ Attention

A freshly patched Flash vulnerability is being exploited by attackers targeting users in the Middle East.

Adobe

VPNFilter Malware Now Exploiting Endpoints, Not Just Routers

The VPNFilter malware has the ability to compromise endpoints and routers both and destroy data on infected devices.

Malware

Why Facebook Shared Data with Device Makers

The latest brouhaha over Facebook's data-sharing practices highlights how critical APIs have become to modern development, and how important it is to restrict how much data can be accessed through these interfaces.

Privacy, Api, Facebook

iOS 12 Goes Hard on Password Security

Apple is adding a slew of new password-security features in iOS 12 to help users avoid using weak or duplicate credentials.

Apple, Passwords