Security

Okta’s PassProtect checks your passwords with ‘Have I Been Pwned’

Okta just launched a free browser extension for Google Chrome today. After installing PassProtect, your browser will compare the passwords you type with Troy Hunt’s Have I Been Pwned. This extension

Okta introduces ‘Sign in with Okta’ service

Consider that there are millions of Okta users out there using the service to sign into their company applications with a single set of credentials. Yet getting customers to work together using Okta a

FBI reportedly overestimated inaccessible encrypted phones by thousands

The FBI seems to have been caught fibbing again on the topic of encrypted phones. FBI director Christopher Wray estimated in December that it had almost 7,800 phones that investigators were unable to

Zuckerberg didn’t make any friends in Europe today

Speaking in front of EU lawmakers today Facebook’s founder Mark Zuckerberg namechecked the GDPR’s core principles of “control, transparency and accountability” — claiming

Yubico launches an SDK that lets iOS devs add support for its NFC keys

Yubico, the company behind the increasingly popular YubiKey security keys, today announced the launch of a new SDK for iOS developers that allows them to add support for two-factor authentication over

Comcast is (update: was) leaking the names and passwords of customers’ wireless routers

Comcast has just been caught in a major security snafu: revealing the passwords of its customers' Xfinity-provided wireless routers in plaintext on the web. Anyone with a subscriber's account number a

Researchers disclose new Spectre exploit variant, but Intel and AMD leave mitigation off by default

The specter of Spectre still looms above Intel, which just today disclosed a new variant of that most dire of chip flaws. It's issuing a mitigation patch in tandem with the announcement that may come

Teen monitoring app TeenSafe exposes thousands of passwords

U.K.-based security researcher Robert Wiggins has found two exposed TeenSafe servers, leaking the passwords and information of some users of the monitoring service. TeenSafe is meant to protect teenag

A simple solution to end the encryption debate

Criminals and terrorists, like millions of others, rely on smartphone encryption to protect the information on their mobile devices. But unlike most of us, the data on their phones could endanger live

LocationSmart didn’t just sell mobile phone locations, it leaked them

What's worse than companies selling the real-time locations of cell phones wholesale? Failing to take security precautions that prevent people from abusing the service. LocationSmart did both, as nume

Zuckerberg will meet with European parliament in private next week

Who says privacy is dead? Facebook’s founder Mark Zuckerberg has agreed to take European parliamentarians’ questions about how his platform impacts the privacy of hundreds of millions of

Auth0 snags $55M Series D, seeks international expansion

Auth0, a startup based in Seattle, has been helping developers with a set of APIs to build authentication into their applications for the last five years. It’s raised a fair bit of money along t

Kaspersky to move some core infrastructure out of Russia to fight for trust

Russian cybersecurity software maker Kaspersky Labs has announced it will be moving core infrastructure processes to Zurich, Switzerland, as part of a shift announced last year to try to win back cu

Anyone could download Cambridge researchers’ 4-million-user Facebook data set for years

A dataset of over 3 million Facebook users and a variety of their personal details collected by Cambridge researchers was available for anyone to download for some four years, New Scientist reports. I

Xage introduces fingerprinting to protect industrial IoT devices

As old-school industries like oil and gas increasingly network entities like oil platforms, they become more vulnerable to hacking attacks that were impossible when they were stand-alone. That require

Researchers warn of critical flaw affecting PGP and S/MIME

Those who use PGP and S/MIME to send secure emails are being advised to cease using and disable the tools with immediate effect following a major security scare. Researcher Sebastian Schinzel, a pro

Hacker Kevin Mitnick shows how to bypass 2FA

A new exploit allows hackers to spoof two-factor authentication requests by sending a user to a fake login page and then stealing the username, password, and session cookie. KnowBe4 Chief Hacking Offi

Signal for Mac users should disable notifications to keep their messages secure

If you’re using Signal for secure messaging, here’s something to be aware of. The app is one of the best-regarded encrypted messaging tools out there, but Mac owners who use Signal might i

Cryptojacking malware was secretly mining Monero on many government and university websites

A new report published by security researched Troy Mursch details how the cryptocurrency mining code known as Coinhive is creeping onto unsuspecting sites around the web. Mursch recently detected the

iOS will soon disable USB connection if left locked for a week

In a move seemingly designed specifically to frustrate law enforcement, Apple is adding a security feature to iOS that totally disables data being sent over USB if the device isn't unlocked for a peri
Load More