The ThreatMetrix Cybercrime Report 2017 is out, and is a troubling read for anyone who has anything to do with data security.  As a fraud prevention company protecting nearly a billion and a half users around the world, they’re uniquely positioned to know, and their insights on the threat landscape is invaluable. Their main finding […]

Intel’s year isn’t getting off to a very good start.   Just after the discovery of a pair of critical vulnerabilities that have been in their chipsets for more than a decade comes the discovery of yet another serious flaw that could impact millions of laptops around the world. A Finnish data security firm called “F-Secure” […]

Normally, Google’s robust series of checks and audits are pretty good at catching malicious code and preventing it from making its way to the Play Store.  Sometimes, however, something slips through anyway despite the company’s best efforts. This latest one is particularly bad. Researchers from Check Point have identified a new strain of malware called […]

Do you use any of the following Chrome browser extensions? Change HTTP Request Header Nyoogle – (a custom logo for Google) Stickies – (a Post-It note for Chrome) Lite Bookmarks If so, you’re not alone.  These four extensions have a combined user base of more than half a million. Recently, security researchers from ICEBRG (a […]

Does your company utilize either RackSwitch or BladeCenter networking switches?  Are those switches running ENOS (the Enterprise Network Operating System)?  If so, there’s a backdoor in your network you weren’t aware of.  Even worse, it’s been there since 2004. Engineers at Lenovo recently discovered the backdoor in the firmware when they conducted an internal security […]

A duo of researchers stumbled across a series of vulnerabilities in literally hundreds of GPS services that leave sensitive GPS tracking data open to hackers.  Dubbed “Trackmageddon” by the researchers, the vulnerabilities span a range of weaknesses that include default or easy-to-guess passwords, IDOR (Insecure Direct Object Reference) issues, insecure API endpoints, and data collection […]

There’s a constant tug of war playing out on the national stage.  On one side, privacy advocates are pushing for greater autonomy for end users, and hard limits to the types of searches that law enforcement agencies are allowed to conduct. On the other side are the government agencies themselves, which often cite national security […]

Remember the KRACK WiFi (WPA2) vulnerability, discovered by Mathy Vanhoef?  It turns out that his discovery was a catalyst for action.  Recently, the WiFi Alliance, which is the industry’s standards organization, released details about its new WPA3 protocol.     Here’s a quick rundown of the changes you can expect to see in the months […]

What’s an HDD manufacturer to do when faced with competition by faster, more efficient SSD drives? Go big, and go faster.  At least that’s the strategy that both Seagate and Western Digital are adopting. SSDs tend to get prohibitively expensive as their size crosses the 1TB threshold, which creates an opportunity for HDD manufacturers.  Seagate […]

Recently, a group of investors wrote an open letter to Apple, urging the company to do more in regards to offering better and more robust parental controls on the devices the company makes.  Although the group of investors control some $2 billion in Apple stock, this is a drop in the proverbial bucket, given the […]