Apple CEO Demands Federal Data Privacy Legislation
Apple CEO Tim Cook has called on the government to double down on data privacy regulation in 2019. Source: https://threatpost.com
Privacy
The Collection #1 data breach – what you need to do about it
A huge collection of email addresses and passwords, which can be used in attempts to break into online accounts, has been discovered. If you are one of the affected users, what should you do about it? Source: https://www.grahamcluley.com
Smashing Security #111: When rivals hack, and ‘extreme’ baby monitors
Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Zoë Rose. Source: https://www.grahamcluley.com
Fortnite Hacked Via Insecure Single Sign-On
Leaky Fortnite single sign-on mechanism could have allowed hackers to access game accounts. Source: www.threatpost.com
Judge: Law Enforcement Can’t Force Suspects to Unlock iPhones with FaceID
A ruling found that coercing suspects to open their phones using biometrics violates the fourth and fifth amendments. Source: www.threatpost.com
Data Exposed in OXO, Amazon and MongoDB Leaks
Dual data exposures and a wide-scale data leak due to a vulnerable MongoDB database have kicked off 2019 so far. Source: https://threatpost.com
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. Source: https://threatpost.com
Smashing Security #110: What? You can get paid to leave Facebook?
Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. Source: https://www.grahamcluley.com
ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse
Researchers think an organized crime gang is running the massive campaigns, prepping for large-scale follow-on attacks on Android users. Source: https://threatpost.com
Biometrics in 2019: Increased Security or New Attack Vector?
Should we pump the brakes on the roll out of biometric security to first consider whether we are creating new vulnerabilities? Source: https://threatpost.com