Saturday, July 20, 2019

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.

The App Creeping on Your IG Location, Jakarta’s Insurance Crisis, and More News

Catch up on the most important news from today in two minutes or less.

The FaceApp Privacy Panic, a Mysterious Satellite Outage, and More News

Catch up on the most important news from today in two minutes or less.

Europe’s Galileo Satellite Outage Serves as a Warning

The dramatic EU Galileo outage underscores the threat of satellite timing and navigation system failures.

Think FaceApp Is Scary? Wait Till You Hear About Facebook

The idea that FaceApp is somehow exceptionally dangerous threatens to obscure the real point: All apps deserve this level of scrutiny.

Why Microsoft’s BlueKeep Bug Hasn’t Wreaked Havoc—Yet

Microsoft's critical vulnerability remains unpatched in hundreds of thousands of computers, and may already be exploited in secret.

Hackers Made an App That Kills to Prove a Point About Medtronic Insulin Pumps

Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market—until researchers who found the flaw showed how bad it could be.

How To Clear Out Your Zombie Apps and Online Accounts

All those services you signed up for but forgot about? They're a security risk. Here's how to get rid of them.

Palantir Manual Shows How Law Enforcement Tracks Families

An Apple Watch bug, a hackable hair straightener, and more security news this week.

An Amazon Phishing Scam Hits Just in Time For Prime Day

Some deals are too good to be true, even on the most made-up holiday of all.

On TikTok, Teens Meme the Safety App Ruining Their Summer

Parents can use Life360 to track their teen’s location in real time. The company can use that data to sell car insurance.

Magecart Hacker Group Hits 17,000 Domains—and Counting

Magecart hackers are casting the widest possible net to find vulnerable ecommerce sites—but their method could lead to even bigger problems.

The Window to Rein In Facial Recognition Is Closing

As Congress continues to punt on facial recognition, advocacy groups have redoubled their efforts.

Zoom Will Fix the Flaw That Let Hackers Hijack Webcams

While it at first dismissed the vulnerability, Zoom says it will release a patch Tuesday night.

A Zoom Flaw Gives Hackers Easy Access to Your Webcam

All it takes is one wrong click, and the popular video conferencing software will put you in a meeting with a stranger.

How to Protect Our Kids’ Data and Privacy

Opinion: Kids today have an online presence starting at birth, which raises a host of legal and ethical concerns. We desperately need a new data protection framework.

What Is Credential Dumping?

Modern network intrusions thrive on a counterintuitive trick: stealing passwords from computers that hackers have already compromised.

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.  Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages. read more

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.