Password

Kickstarter sent password reset emails to millions of users, but didn’t tell anyone why

Crowdfunding website Kickstarter sparked fears overnight of a possible security incident after the company sent unsolicited password reset emails to millions of users without prior explanation. The em

DigitalOcean says customer email addresses were exposed after latest Mailchimp breach

Cloud giant DigitalOcean says that some customers’ email addresses were exposed because of a recent “security incident” at email marketing company Mailchimp. In a scant blog post dated August 12

Google consolidates its Chrome and Android password managers

Google today announced an update to its password manager that will finally introduce a consistent look-and-feel across the service’s Chrome and Android implementations. Users will soon see a new

Apple ‘passkeys’ could finally kill off the password for good

Apple demonstrated “passkeys” at WWDC 2022, a new biometric sign-in standard that could finally kill off the password for good. It’s no secret that passwords are insecure, with easily guessable

Netflix’s password-sharing test in Peru is confusing subscribers, report suggests

It’s been a bumpy ride for Netflix recently, and the announcement that it will be charging for password sharing hasn’t gone as smoothly as it might have hoped, a new report claims. Subscribers in

Apple, Google and Microsoft team up on passwordless logins

In a rare show of alliance, Apple, Google and Microsoft have joined forces to expand support for passwordless logins across mobile, desktop and browsers. Passwords are notoriously insecure, with weak

Lapsus$ hacking group claims software consultancy giant Globant as its latest breach victim

Just days after police in the U.K. arrested seven people over suspected connections to the now-infamous hacking and extortion group, Lapsus$ is claiming its latest victim. Lapsus$, whose recent victim

Cloaked raises $25M Series A to generate privacy-friendly identities on the fly

Cloaked, a Boston-based startup that allows users to generate unique email addresses and phone numbers when creating online accounts, has secured $25 million in Series A funding. Founded in 2020 by br

Lapsus$ found a spreadsheet of accounts as they breached Okta, documents show

The Lapsus$ hackers used compromised credentials to break into the network of customer service giant Sitel in January, days before subsequently accessing the internal systems of authentication giant O

Ubisoft won’t say why it reset employee passwords after ‘cyber incident’

Gaming giant Ubisoft has confirmed a cybersecurity incident that led to the mass-reset of company passwords, but has declined to say what the incident actually was. In a brief statement, Ubisoft said:

Is the UK government’s new IoT cybersecurity bill fit for purpose?

Internet of Things (IoT) devices — essentially, electronics like fitness trackers and smart lightbulbs that connect to the internet — are now part of everyday life for most. However, cybersecurity

GoDaddy says data breach exposed over a million user accounts

Web hosting giant GoDaddy has reported a data breach, and warns that data on 1.2 million customers may have been accessed. In a filing with the Securities and Exchange Commission, GoDaddy’s chie

Verizon-owned cell network Visible confirms hackers accessed user accounts

Visible, a budget cellular carrier owned by Verizon, has confirmed that hackers accessed and charged user accounts. The incident, first reported by The Verge, came to light earlier this week after Vi

A popular smart home security system can be remotely disarmed, researchers say

A cybersecurity company says a popular smart home security system has a pair of vulnerabilities that can be exploited to disarm the system altogether. Rapid7 found the vulnerabilities in the Fortress

Apple’s CSAM detection tech is under fire — again

Apple has encountered monumental backlash to a new child sexual abuse material (CSAM) detection technology it announced earlier this month. The system, which Apple calls NeuralHash, has yet to be acti

Court orders US Capitol rioter to unlock his laptop ‘with his face’

The FBI argued that compelling Guy Reffitt to unlock his computer by sitting in front of it 'would not run afoul of the defendant's Fifth Amendment right against self-incrimination.'

Magic lands $27M Series A for its ‘plug and play’ passwordless tech

Magic, a San Francisco-based startup that builds “plug and play” passwordless authentication technology, has raised $27 million in Series A funding. The round, led by Northzone and with pa

Ex-Plaid employees raise $30M for Stytch, an API-first passwordless authentication platform

There are far fewer annoying things than managing one’s passwords. There are a bunch of companies out there to help you attempt to do that. And there’s also a number of companies that want to go a

Ring’s latest security updates are good, but still opt-in

Ring, the video doorbell maker dubbed the “largest civilian surveillance network the U.S. has ever seen,” is rolling out new but long overdue security and privacy features. The Amazon-own

An internal code repo used by New York State’s IT office was exposed online

A code repository used by the New York state government’s IT department was left exposed on the internet, allowing anyone to access the projects inside, some of which contained secret keys and p
Load More