Mobile Security
FTC Issues Its First-Ever Order Against a Data Broker
Federal regulators are banning OutLogic from selling or sharing sensitive location data to third parties, marking the latest effort by government officials to address the thorny issue of data brokers and what ...
Security Boulevard
2024 Digital Resolutions: Use Stronger Passwords
Nathan Eddy | | digital security, identity and access management, kaspersky, New Year, passwords, resolutions
Nearly a quarter of participants highlighted cybersecurity as a priority for 2024, according to a study conducted by Kaspersky on New Year's digital resolutions ...
Security Boulevard
China Cracks Apple Private Protocol — AirDrop Pwned
Richi Jennings | | Airdrop, Apple, Beijing Wangshendongjian, china, Chinese, Chinese Communists, Chinese drive-by attack, chinese government, Great Firewall of China, hash, hash algorithms, hash function, hash functions, hash generation, hashes, Peoples Republic of China, rainbow table, SB Blogwatch
AirDrop hashing is weaksauce: Chinese citizens using peer-to-peer wireless comms “must be identified.” ...
Security Boulevard
API Security Takes Center Stage as EU Financial Services Regulations Heat Up
Andy Grolnick | | api, applications, Authentication, encryption, Financial Services, protection, psd3, regulation, testing
In 2024, financial organizations must secure their APIs, protect their cloud-based applications and improve overall API security ...
Security Boulevard
Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App
Tom Eston | | api, Apple, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, Exploit, google, Google Privacy Lawsuit, Information Security, Infosec, ios, iPhone, iPhone Exploit, Journal, Journaling, Mobile, Mobile App, New Year, Podcast, Podcasts, Privacy, security, technology, Weekly Edition
In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The ...
Survey Surfaces Lack of Confidence in Existing Cybersecurity Tools
More than half of cybersecurity leaders would replace their entire current stack of platforms if there were no budget constraints ...
Security Boulevard
Embattled LastPass Enforcing 12-Character Passwords for All
Password manager vendor LastPass, beset by high-profile data breaches from 2022 that affected millions of users, is strengthening the security requirements for its customers, including requiring all of them to use a ...
Security Boulevard
New iPhone Exploit Uses Four Zero-Days
Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky.” It’s a zero-click exploit ...
Facebook’s New Privacy Nightmare: ‘Link History’
Richi Jennings | | adtech, Advertising and AdTech, breach of privacy, browser, browser abuse, customer privacy, Data Privacy, DeleteFacebook, facebook, Facebook data, key loggers, key logging, Keylog, keylogger, keyloggers, keylogging, Link History, Meta, Meta Networks, Meta Pixel, Privacy, SB Blogwatch
How stupid does he think we are? You’ll want to turn off this new app setting ...
Security Boulevard
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old
Richi Jennings | | access-token-manipulation, authentication token, Business Associate Agreements, Chrome, chrome 0-day, chrome phishing, Chrome Security, Chromium, Chromium-Based Browsers, Federated Identity, federated sso, google, Google Account, google account security, Google Advanced Protection, infostealer, infostealers, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, oauth refresh token, OAuth Token Vunerability, Prisma, Protecting OAuth Tokens, SB Blogwatch, securing oauth
What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability ...
Security Boulevard