Attackers can bypass fingerprint authentication with an ~80% success rate
For decades, the use of fingerprints to authenticate users to computers, networks, and restricted areas was mostly limited to large and well-resourced organizations that used specialized and expensive equipment. That all changed in 2013 when Apple introduced TouchID. Within a few years, fingerprint-based validation became available to the masses as computer, phone, and lock manufacturers added sensors that gave users an alternative to passwords when unlocking the devices. READ MORE...
Microsoft buys corp[dot]com domain to prevent Windows account hijacking
Microsoft has purchased the Corp[dot]com domain to prevent it from being used by malicious actors to steal Windows credentials, monitor customer traffic, or serve malicious files. Internet domain name investor Mike O'Connor has been the owner of the domain for the past 26 years but has always been hesitant to sell it as it could be used by malicious actors. READ MORE...
Who is World Wired Labs and why are they selling an Android trojan?
A company advertising a remote access tool frequently used by criminals and nation-state hackers may be serving as a front for a Chinese hacking group, according to new research published Tuesday by BlackBerry Cylance. In a lengthy report on remote access trojans (RAT), BlackBerry Cylance researchers detail an Android malware variant, which they call PWNDROID4, that can be used to monitor targets' phone calls, record audio, send and receive text messages, and track victims' GPS location. READ MORE...
xHelper: The Russian Nesting Doll of Android Malware
The "undeletable" xHelper malware - which ultimately results in the installation of the Triada trojan - has become a virulent scourge for Android devices this year, according to researcher analysis - bringing with it a hallmark of being virtually indestructible for the common user. xHelper is known for its persistence - it stays entrenched on the phone even if the device has been restored to factory settings by secretly re-installing itself. READ MORE...
Official Government COVID-19 Apps Hide a Raft of Threats
A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. However, they're also putting people's privacy and the security of their data at risk, researchers have found. Security researchers at the ZeroFOX Alpha Team have uncovered various privacy concerns and security vulnerabilities - including a backdoor in various apps. READ MORE...
Easy-to-pick "smart" locks gush personal data, FTC finds
A padlock-whether it uses a combination, a key, or "smart" tech-has exactly one job: to keep your stuff safe so other people can't get it. Tapplock, Inc., based in Canada, produces such a product. The company's locks unlock with a fingerprint or an app connected by Bluetooth to your phone. Unfortunately, the Federal Trade Commission said, the locks are full of both digital and physical vulnerabilities that leave users' stuff, and data, at risk. READ MORE...
Actively exploited MS Exchange flaw present on 80% of exposed servers
Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don't have to look hard to find a server they can attack: according to an internet-wide scan performed by Rapid7 researchers, there are at least 315,000 and possibly as many as 350,000 vulnerable on-premise Exchange servers (out of 433,464 total) out there. READ MORE...
- ...in 1820, the Venus de Milo is discovered in ancient Greek ruins on the Aegean island of Milos.
- ...in 1904, Longacre Square in Manhattan is renamed Times Square, after The New York Times.
- ...in 1959, computer scientist Grace Hopper and leaders from science and industry discuss the creation of a new programming language, COBOL.
- ...in 1974, Hank Aaron of the Atlanta Braves hits his 715th career home run, breaking Babe Ruth's record.
