Zack Whittaker
Security Editor
The Latest from Zack Whittaker
NSA improperly collected Americans’ phone records for a second time, documents reveal
Newly released documents reveal the National Security Agency improperly collected Americans’ call records for a second time, just months after the agency was forced to purge hundreds of millions
FTC, Justice Dept. takes coordinated action against robocallers
Federal authorities have announced its latest crackdown on illegal robocallers — taking close to a hundred actions against several companies and individuals blamed for the recent barrage of spam cal
Hackers are stealing years of call records from hacked cell networks
Security researchers say they have uncovered a massive espionage campaign involving the theft of call records from hacked cell network providers to conduct targeted surveillance on individuals of inte
LTE flaws let hackers ‘easily’ spoof presidential alerts
Security vulnerabilities in LTE can allow hackers to “easily” spoof presidential alerts sent to mobile phones in the event of a national emergency. Using off-the-shelf equipment and open-s
Google defeats shareholders on ‘Dragonfly’ censored search in China
A shareholder resolution aimed at halting Google’s efforts to bring a censored version of its search engine to China has failed. Shareholders tabled a resolution to demand Google put the brakes
For pen testing firm IOActive, security is cultural not transactional
IOActive may not be a household name but you almost certainly know its work. The Seattle-headquartered company has been behind some of the most breathtaking hacks in the past decade. Its researchers h
House lawmakers demand end to warrantless collection of Americans’ data
Two House lawmakers are pushing an amendment that would effectively defund a massive data collection program run by the National Security Agency unless the government promises to not intentionally col
Homeland Security has tested a working BlueKeep remote code execution exploit
Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device. To date, most of the priv
Target checkouts hit by outage for a second day in a row
Another day, another Target checkout outage. Many took to social media to complain that checkouts at the retail giant went down for a second day in a row. Many stores were only taking cash and gift ca
Millions of Venmo transactions scraped in warning over privacy settings
A computer science student has scraped seven million Venmo transactions to prove that users’ public activity can still be easily obtained, a year after a privacy researcher downloaded hundreds o
After Equifax breach, US watchdog says agencies aren’t properly verifying identities
A federal watchdog says the government should stop relying on the credit agencies to verify the identifies of those using government services. In a report out this week, the the Government Accountabil
Black Hat scraps Rep. Will Hurd as keynote speaker amid voting record controversy
Rep. Will Hurd will no longer give the keynote address at the Black Hat security conference amid questions about his voting record on women’s rights. Hurd, a Texas Republican congressman, was sc
Thousands of medical injury claim records exposed by ad agency
An internet advertising company specializing in helping law firms sign up potential clients has exposed close to 150,000 records from a database that was left unsecured. The database contained submiss
Rep. Will Hurd to keynote Black Hat draws ire for voting record on women’s rights
A decision to confirm Rep. Will Hurd as the keynote speaker at the Black Hat security conference this year has prompted anger and concern by some long-time attendees because of his voting record on wo
A widely used infusion pump can be remotely hijacked, say researchers
A workstation used to dock an infusion pump widely used in hospitals and medical facilities has critical security flaws that allow it to be remotely hijacked and controlled, according to security rese
Facebook collected device data on 187,000 users using banned snooping app
Facebook obtained personal and sensitive device data on about 187,000 users of its now-defunct Research app, which Apple banned earlier this year after the app violated its rules. The social media gia
Homeland Security’s Jeanette Manfra is coming to Disrupt SF
We can’t talk cybersecurity without hearing from the government. We’re thrilled to announce Homeland Security Assistant Director Jeanette Manfra, a senior executive at the department’
Google opens its Android security-key tech to iPhone and iPad users
Google will now allow iPhone and iPad owners to use their Android security key to verify sign-ins, the company said Wednesday. Last month, the search and mobile giant said it developed a new Bluetooth
Most US mobile banking apps have security and privacy flaws, researchers say
You might figure the biggest U.S. banks would have some of the most secure mobile apps. Spoiler alert: not so much. New findings from security firm Zimperium, shared exclusively with TechCrunch, say m
Some sage security advice after Radiohead’s unreleased music hack
Bad news: Radiohead was hacked. Last week, a hacker stole the band’s lead singer Thom Yorke’s private minidisk archive from the band’s third album and subsequent major worldwide hit,