Zack Whittaker
Security editor
The Latest from Zack Whittaker
Justice Department: No evidence of vote hacking during 2018 election
There is “no evidence to date” that any foreign government had a material impact on voting machines or infrastructure during the 2018 midterm elections, according to a new classified repor
Bots are cheap and effective. One startup trolls them into going away
Bots are ruining the internet. When they’re not pummeling a website with usernames and passwords from a long list of stolen credentials, they’re scraping the price of hotels or train ticke
Everything you need to know about Facebook, Google’s app scandal
Facebook and Google landed in hot water with Apple this week after two investigations by TechCrunch revealed the misuse of internal-only certificates — leading to their revocation, which led to a da
Apple fixes FaceTime eavesdrop bug, with software update incoming
Three days after Apple pulled its new Group FaceTime feature offline after users found they could eavesdrop on people before accepting a call, the company says it has fixed the bug on its end. “We h
Indian state government leaks thousands of Aadhaar numbers
A lapse in security has led to the leaking of more than 100,000 Aadhaar numbers, TechCrunch can reveal. One of the web systems used to record attendance of government workers for the Indian state of J
Amazon’s barely-transparent transparency report somehow gets more opaque
Amazon posted its bi-annual report Thursday detailing the number of government data demands it receives. The numbers themselves are unremarkable, neither spiking nor falling in the second-half of la
Apple restores Google’s internal iOS apps after certificate misuse punishment
Apple has blocked Google from distributing its internal-only iOS apps on its corporate network after a TechCrunch investigation found the search giant abusing the certificates. “We’re working
Houzz resets user passwords after data breach
Houzz, a $4 billion-valued home improvement startup that recently laid off 10 percent of its staff, has admitted a data breach. A reader contacted TechCrunch on Thursday with a copy of an email sent
Google will stop peddling a data collector through Apple’s back door
It looks like Facebook was not the only one abusing Apple’s system for distributing employee-only apps to sidestep the App Store and collect extensive data on users. Google has been running an a
India’s largest bank SBI leaked account data on millions of customers
India’s largest bank has secured an unprotected server that allowed anyone to access financial information on millions of its customers, like bank balances and recent transactions. The server, h
Data management giant Rubrik leaked a massive database of client data
A server security lapse has exposed a massive database of customer information belonging to Rubrik, an IT security and cloud data management giant. The company pulled the server offline Tuesday within
Most of the Fortune 100 still use flawed software that led to the Equifax breach
Almost two years after Equifax’s massive hack, the majority of Fortune 100 companies still aren’t learning the lessons of using vulnerable software. In the last six months of 2018, two-thi
Researchers find a new malware-friendly hosting site after a spike in attacks
Security researchers have traced a recent spike in FormBook infections to a new file-hosting service that’s been billed as a place for hackers to host their malware. Deep Instinct analysts say i
To fight election meddling, Google’s cyber unit Jigsaw extends its anti-DDoS protections to European politicos
Jigsaw, the cybersecurity-focused division owned by Google parent Alphabet, is now allowing political organizations in Europe to sign up for its anti-web-flooding technology for free. Until now, the
After seizing a major DDoS-for-hire site, Europol goes after its users
Last year, Europol and its many law enforcement partners took down and seized webstresser.org, one of the most notorious “booter” sites for launching distributed denial-of-service (DDoS) a
Without proof, is Huawei still a national security threat?
It’s Huawei vs. the U.S., the U.K., Canada, Australia, New Zealand, and most of Europe and Japan. It’s almost as if the world’s biggest surveillance superpowers don’t want Huaw
Facebook to encrypt Instagram messages ahead of integration with WhatsApp, Facebook Messenger
Facebook is planning to roll out end-to-end encryption for Instagram messages, as part of a broader integration effort across the company’s messaging platforms, including WhatsApp and Faceboo
Massive mortgage and loan data leak gets worse as original documents also exposed
Remember that massive data leak of mortgage and loan data we reported on Wednesday? In case you missed it, millions of documents were found leaking after an exposed Elasticsearch server was found with
Millions of bank loan and mortgage documents have leaked online
A trove of more than 24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the U.S., has been found online after a server
Police license plate readers are still exposed on the internet
Smile! You’re on camera. At least, your license plate is. You might have heard of automatic license plate recognition — known as ALPR (or ANPR in the U.K. for number plates). These cameras are