A Mix-Up Meant Malware Could Have Posed as Apple Software, and Nobody Noticed for Over 10 Years

Security researchers on Tuesday unveiled a method that could’ve allowed hackers to bypass a wide range of commercial products designed to protect Apple devices from malware. While there’s no evidence the bypass was ever used maliciously, the issue went unnoticed for over a decade. Read More >>

Weight Watchers Swears No Customer Data Exposed After Dozens of Servers Found Publicly Accessible

Dozens of servers containing Weight Watcher’s data were left exposed after the company failed to password protect software used for managing application containers, according to German cybersecurity firm Kromtech. Read More >>

Apple Declares War on ‘Browser Fingerprinting,’ the Sneaky Tactic That Tracks You in Incognito Mode

Apple is rolling out some new and much-welcomed privacy protections for Safari that it says will prevent third parties from tracking you, particularly when you’re already doing everything you can to fly under the radar. Read More >>

The Islamic State is Getting Rich Off Your Makeup and Baby Powder

Satellite images reveal extensive mining operations not far from the site of a 2017 US airstrike in the Nangarhar Province of Afghanistan — an attack most of us remember only because of the nightmarish nickname of the weapon employed: The “Mother of All Bombs.” The 20,000-pound GBU-43/B Massive Ordnance Air Blast, or MOAB, was detonated above a massive tunnel complex as a group of suspected insurgents reportedly hid within. Read More >>

New PGP Encryption Exploits Are Being Discovered Almost Every Other Day

For more than a week, PGP developers have been rapidly working to patch critical flaws in the legacy encryption protocol used for sending and receiving secure emails that’s widely relied upon by lawyers, journalists, dissidents, and human rights advocates, many of whom operate at the highest levels of risk while in shadows of oppressive, unforgiving regimes. Read More >>

Nation-State Hackers Could ‘Self-Destruct’ Half a Million Routers, Researchers Warn

Security researchers said Wednesday that at least 500,000 home and small business routers in up to 54 countries are infected with a new breed of malware called VPNFilter, a prior version of which wreaked havoc across Ukraine. Read More >>

Amazon Echo That Records Kids Draws Concern From U.S. Lawmakers

U.S. lawmakers are raising concerns over the Amazon Echo Kids Edition, a hands-free, voice-controlled hockey puck of a device that reads bedtime stories, plays Disney tunes, and programs our offspring to be tactful and courteous when interacting with artificial intelligent machines — a useful survival skill to impart in advance of humanity’s impending subservience to the cybernetic authoritarian regime that shall one day enslave us all. Read More >>

Equifax Now Says Over 56,000 Driver’s Licences, Passports, and Other IDs Were Stolen, Too

Credit-reporting agency Equifax has revealed new details this week about the personal data of customers exposed in last year’s data breach. Read More >>

Humans Are the Weakest Link: Tales of a Social Engineer

There’s really no need to break into a network remotely if you can easily get through the front door and grab whatever you need. Read More >>

The Systems That Control Water and Power Plants Are Shockingly Vulnerable to Hackers, Study Finds

A disturbingly high percentage of industrial control systems (ICS)—the technology used to manage everything from water treatment plants to the International Space Station—are eminently vulnerable to malicious hackers, according to tests performed by a leading global security firm. Read More >>

Equifax Board Members Keep Their Jobs Despite Data Breach Blunders

After a calamitous data breach exposing the personal information of more than 145 million U.S. citizens and over 700k UK residents, Equifax shareholders this week voted to re-elect all of the company’s board members following its first annual shareholder meeting since the incident. Read More >>

Identity Theft Is Exploding in Developing Countries

New data reveals the global circulation of stolen identities is leading to major shifts in cybercrime worldwide, with developing countries cultivating newly formed internet-based economies responsible for a generous amount of fake and stolen account activity. Read More >>

Hackers Designed a New Way to Secretly Unlock Millions of Hotel Room Doors

A critical flaw in electronic locks left millions of hotel rooms worldwide vulnerable to hackers. Now, the security researchers who developed the attack are helping hotels patch the problem, literally door to door. Read More >>

north korea
The Curious Case of North Korea’s Homegrown Antivirus Software

There’s something not quite right about North Korea’s antivirus software. Read More >>

DJI Releases Security Findings It Hopes Will Quash ‘Chinese Spying’ Fears

The world’s largest consumer drone maker is pushing back amid swelling concerns that its applications may be insecure, as well as rumours that it may be transmitting sensitive user data to China, where the company was founded more than a decade ago. Read More >>