When a car has a major flaw, like a potentially lethal airbag, it gets recalled. Same for a coffeemaker, or a surfboard, or a prescription drug. But when that major flaw is in a product’s software — like a huge exploit that puts literally a billion consumers’ privacy and personal data at risk — there’s no universal process out there for remedying the situation. Do we need one? And if so, how can we get one? [More]
General Motors gets to join Fiat Chrysler and Tesla in an unenviable lineup this week: Using cheap gadgets and text messages, researchers have proven they can hack that most traditional of cars, the Chevy Corvette. And worse still is that this line of attack will work on basically any car with a computer in it, which is to say… all of them.
Following a string of high-profile data breaches last year, Visa and MasterCard handed down a requirement that all merchants transition to the more secure chip-enabled credit card payment system by October of this year. While several major retailers have already made or are in the process of making the switch, a new report finds that many small business owners don’t even know about the deadline – or the potentially costly consequence of not meeting it. [More]
For six days last week, malware known as “malvertising” was reportedly lurking in Yahoo’s advertising network, with the potential for attackers to infect internet users’ computers and hold them for ransom. Security researchers say they notified Yahoo of the malware upon discovering it on Sunday, and the company removed the malicious code immediately.
Over the past few years we’ve heard a lot about the smart, connected devices that make up the internet of things. From ceiling fans to cars and cameras, they’re everywhere. Unfortunately, anything that can connect to the internet can be hacked through the internet… and now, it seems, that includes guns.
It’s a bad news Monday for up to 950 million — yes, that’s almost 1 billion — Android device owners worldwide. A vulnerability that would let a hacker take over your phone remotely has been announced, and it’s a doozy.
The questionable stability and frequent security issues with Adobe’s Flash have long been a running joke among the tech-minded. Although the once-ubiquitous plugin’s star began to wane after mobile browsing took off, it still makes a lot of the content on the internet move. But after the release of yet another potentially disastrous vulnerability recently, the crowd clamoring for an end to Flash has now gone far beyond your local IT office, and includes both Firefox and Facebook.
Remember when it was announced that more than four million federal employees in the country were part of a massive data breach last month? Well, turns out that was just one of two rather large data breaches to hit the Office of Personnel Management, with the newly announced second, larger hack affecting upwards of 21 million current and former employees, as well as prospective employees, their families and others who applied for federal background investigations in the last 15 years. [More]
MasterCard wants to know how you feel, so they asked a bunch of people: Do you feel safe? Do you feel secure? Do you feel like you need a cookie and a nice cup of cocoa? Wait, scratch that last one. MasterCard’s survey only covered feelings about how safe and secure you feel your financial information is. The answer? Not very secure at all.
Bad news for up to 600 million Samsung Galaxy phone owners worldwide: a big fat new vulnerability has been found that could let anyone with the inclination to cause trouble into your phone to read your messages, listen to your mic, watch your camera, and push malware at you. Oops.
There are millions of federal employees in the country, and not just in Washington, DC. The government is a big bureaucracy and a big employer — and that makes it a nice, juicy target for a big data breach.
If it feels like we hear a whole lot of stories about retail data breaches here in the U.S., well, that’s because we do. Americans are super duper popular targets for card hacks and fraud, and it’s for one simple reason: our credit card security is bad and should feel bad.
Nearly a month after a government report identified security weaknesses within the airline industry, including the possibility that newer airplanes with interconnected WiFi systems could be hacked, a recently obtained Federal Bureau of Investigation search warrant shows a security researcher claims he briefly took control of an aircraft after hacking into the plane’s in-flight entertainment system. [More]
United Offers “Bug Bounty” Of Up To 1 Million Miles For Hackers Who Find Vulnerabilities In Website, Mobile App
While big companies are known to quietly seek out the services of white-hat hackers to test for weaknesses in their networks and websites, it’s not every day that a major airline publicly offers a “bounty” to people who can diagnose vulnerabilities in its systems. [More]
In much of the country, this is the first truly warm week of the year. The change of seasons has us turning to shorts, dresses, sandals, and chilled fruity drinks served in rooftop bars. But data breaches, alas, are always in style, and buying that beverage may land you with a stolen credit card number.
Sometimes cyber criminals do such a good job camouflaging their ploys to steal consumers’ personal information that you might not recognize that the site you just entered your password on isn’t a legitimate login page. In an effort to combat such ruses, Google has created a new tool for its Chrome browser that aims to ensure users’ passwords don’t end up in the hands of ne’er do wells. [More]
If you’re having issues accessing your British Airways account to book your next flight, it’s likely a result of a weekend hack targeting the airline. [More]
Just a month after tens of millions of consumers’ personal information was breached in the hack of health insurance firm Anthem, another U.S.-based insurance provider says it was the victim of a cyber attack affecting as many as 11 million customers. [More]