security

Google says some G Suite user passwords were stored in plaintext since 2005

Google says a small number of its enterprise customers mistakenly had their passwords stored on its systems in plaintext. The search giant disclosed the exposure Tuesday but declined to say exactly ho

After breach, Stack Overflow says some user data exposed

After disclosing a breach earlier this week, Stack Overflow has confirmed some user data was accessed. In case you missed it, the developer knowledge sharing site confirmed Thursday a breach of its sy

You probably weren’t a target of the WhatsApp surveillance hack

Every once in a while a major bug, vulnerability or security scare will spark panic. In most cases, it’s absolutely unnecessary panic. Take yesterday’s reported vulnerability. Israeli hack

Twitter bug disclosed some users’ location data to an unnamed partner

Twitter on Monday afternoon disclosed a bug that in certain conditions resulted in an account’s location data being shared with a Twitter partner — even if the user had not opted in to sha

Boost Mobile says hackers broke into customer accounts

Boost Mobile, a virtual mobile network owned by Sprint, has confirmed hackers have broken into an unknown number of customer accounts. The company quietly posted a notification of its data breach almo

Two years after WannaCry, a million computers remain at risk

Two years ago today, a powerful ransomware began spreading across the world. WannaCry spread like wildfire, encrypting hundreds of thousands of computers in more than 150 countries in a matter of hour

‘Unhackable’ encrypted flash drive eyeDisk is, as it happens, hackable

In security, nothing is “unhackable.” When it’s claimed, security researchers see nothing more than a challenge. Enter the latest findings from Pen Test Partners, a U.K.-based cybers

Justice Department charges Chinese hacker for 2015 Anthem breach

U.S. prosecutors have brought charges against a Chinese national for his alleged involvement in the data breach at health insurance giant Anthem announced in 2015 that resulted in the theft of 78.8 mi

Cybersecurity insurance startup Coalition raises $40M in Series B funding

Coalition, a cybersecurity insurance company, has raised $40 million in its latest round of funding. Fintech investment giant Ribbit Capital led the investment with participation from Greenoaks Capita

Samsung spilled SmartThings app source code and secret keys

A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security resea

Freedom Mobile server leak exposed customer data

A security lapse at Canada’s fourth largest cell network, Freedom Mobile, exposed customer data. Security researchers Noam Rotem and Ran Locar found an Elasticsearch server leaking five million

Capital.com powers Currency.com’s ‘world first’ in tokenising government bonds

With the SEC recently releasing its long-awaited guidance on crypto token issuers, it’s becoming clear that the crypto world is edging closer to the traditional financial world. New players are

Job recruitment site Ladders exposed 13 million user profiles

Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records following a security lapse. The New York-based company

Developers can now verify mobile app users over WhatsApp instead of SMS

Facebook today released a new SDK that allows mobile app developers to integrate WhatsApp verification into Account Kit for iOS and Android. This will allow developers to build apps where users can op

Hackers went undetected in Citrix’s internal network for six months

Hackers gained access to technology giant Citrix’s networks six months before they were discovered, the company has confirmed. In a letter to California’s attorney general, the virtualizat

A new cryptocurrency mining malware uses leaked NSA exploits to spread across enterprise networks

Two years after highly classified exploits built by the National Security Agency were stolen and published, hackers are still using the tools for nefarious reasons. Security researchers at Symantec sa

Microsoft is considering dropping its Windows password expiration policy

Microsoft has proposed scrapping a policy in Windows that requires users to periodically change their login password. In a blog post, the software giant said its new draft security configuration basel

VDOO secures $32M for a platform that uses AI to detect and fix vulnerabilities on IoT devices

Our universe of connected things is expanding by the day: the number of objects with embedded processors now exceeds the number of smartphones globally and is projected to reach some 18 billion devic

Manufacturing giant Aebi Schmidt hit by ransomware

Aebi Schmidt, a European manufacturing giant with operations in the U.S., has been hit by a ransomware attack, TechCrunch has learned. The Switzerland-based maker of airport maintenance and road clean

Security lapse at contract startup Evisort exposed sensitive data

Evisort, a document and contract management company, left one of its document databases unsecured, exposing customer data. The startup, founded by former Harvard and MIT students in 2016, bills itself
Load More