A security researcher has detailed how an artificial intelligence company in possession of nearly 2.6 million medical records allowed them to be publicly visible on the internet. It’s a clear reminder that our personal health data is not safe. As Secure Thoughts reports, on July 7 security researcher Jeremiah Fowler discovered two folders of medical Read more about AI Company Leaks Over 2.5M Medical Records[…]
Researchers have demonstrated that they can make a working 3D-printed copy of a key just by listening to how the key sounds when inserted into a lock. And you don’t need a fancy mic — a smartphone or smart doorbell will do nicely if you can get it close enough to the lock. The next Read more about Researchers Can Duplicate Keys from the Sounds They Make in Locks[…]
Jail phone telco Securus provided recordings of protected attorney-client conversations to cops and prosecutors, it is claimed, just three months after it settled a near-identical lawsuit. The corporate giant controls all telecommunications between the outside world and prisoners in American jails that contract with it. It charges far above market rate, often more than 100 Read more about Securus sued for ‘recording attorney-client jail calls, handing them to cops’ – months after settling similar lawsuit and charging more than 100x normal price for the calls. Hey, monopolies![…]
Android may have started with the mantra that developers are allowed to do anything as long as they can code it, but things have changed over the years as security and privacy became higher priorities. Every major update over the last decade has shuttered features or added restrictions in the name of protecting users, but Read more about Android 11 is taking away the camera picker, forcing people to only use the built-in camera[…]
In a step closer to skyscrapers that serve as power sources, a team led by University of Michigan researchers has set a new efficiency record for color-neutral, transparent solar cells. The team achieved 8.1% efficiency and 43.3% transparency with an organic, or carbon-based, design rather than conventional silicon. While the cells have a slight green Read more about Transparent solar panels for windows hit record 8% efficiency[…]
Boffins testing the security of OpenPGP and S/MIME, two end-to-end encryption schemes for email, recently found multiple vulnerabilities in the way email client software deals with certificates and key exchange mechanisms. They found that five out of 18 OpenPGP-capable email clients and six out of 18 S/MIME-capable clients are vulnerable to at least one attack. Read more about Trusting OpenPGP and S/Mime with your email secrets? You might want to rethink that[…]
Zoombombers today disrupted a court hearing involving the Florida teen accused of masterminding a takeover of high-profile Twitter accounts, forcing the judge to stop the hearing. “During the hearing, the judge and attorneys were interrupted several times with people shouting racial slurs, playing music, and showing pornographic images,” ABC Action News in Tampa Bay wrote. A Read more about Zoombomber crashes court hearing on Twitter hack with Pornhub video, Judge obviously not qualified for this case[…]
Epic Games has filed yet another lawsuit against Apple. The Fortnite developer is now suing the Cupertino-based company for allegedly retaliating against it for its other lawsuit last week. Apple has not only removed the game from the App Store but has told Epic that it will “terminate” all its developer accounts and “cut Epic Read more about Epic Games asks court to stop Apple pulling its developer tools next week, as Apple shows exactly how monopolies operate[…]
Babel Street is a shadowy organization that offers a product called Locate X that is reportedly used to gather anonymized location data from a host of popular apps that users have unwittingly installed on their phones. When we say “unwittingly,” we mean that not everyone is aware that random innocuous apps are often bundling and Read more about US Secret Service Bought Access to Bable Street’s Locate X Spy Tool for warrantless surveillance[…]
Edward Snowden has brought in a health $1.25m in speaking fees ever since he jumped on a plane to Hong Kong with a treasure trove of NSA secrets, a new court filing [PDF] has revealed. The whistleblower, who exposed mass surveillance of American citizens and foreigners by the US government by handing over top-secret documents Read more about Ed Snowden has raked in $1m+ from speeches – and Uncle Sam wants its cut, specifically, absolutely all of it[…]
Nearly 60 years ago, the Nobel prize–winning physicist Eugene Wigner captured one of the many oddities of quantum mechanics in a thought experiment. He imagined a friend of his, sealed in a lab, measuring a particle such as an atom while Wigner stood outside. Quantum mechanics famously allows particles to occupy many locations at once—a Read more about Quantum paradox points to shaky foundations of reality[…]
Toyota already operates a “Mobility Services Platform” that it says helps it to “develop, deploy, and manage the next generation of data-driven mobility services for driver and passenger safety, security, comfort, and convenience”. That data comes from a device called the “Data Communication Module” (DCM) that Toyota fits into many models in Japan, the USA Read more about New Toyotas will upload data to AWS to help create custom insurance premiums based on driver behaviour, send your data to others too[…]
A review at the Android Police site calls Pine64’s new Linux-based PinePhone “the most interesting smartphone I’ve tried in years,” with 17 different operating systems available (including Fedora, Ubuntu Touch, SailfishOS, openSUSE, and Arch Linux ARM): There’s a replaceable battery, which is compatible with batteries designed for older Samsung Galaxy J7 phones. It’s good to Read more about Reviewer Calls Linux-based PinePhone ‘the Most Interesting Smartphone I’ve Tried in Years’ – only $150![…]
President Donald Trump frankly acknowledged Thursday that he’s starving the U.S. Postal Service of money in order to make it harder to process an expected surge of mail-in ballots, which he worries could cost him the election.In an interview on Fox Business Network, Trump explicitly noted two funding provisions that Democrats are seeking in a Read more about Trump admits he’s blocking cash to postal services to stop mail-in votes[…]
Everyone is mad about Apple’s App Store guidelines right now, especially when it comes to cloud gaming services. Microsoft isn’t bringing Project xCloud to iOS. Google’s Stadia app can’t let iPhone users actually play games. Facebook also had to axe the ability to play games for its Facebook Gaming iOS app to be allowed in Read more about Fortnight Has Laid a Perfect Antitrust Trap for Apple and Google[…]
Following a year-long investigation into the company, Reuters reports Russia’s Federal Antimonopoly Service (FAS) has found the iPhone-maker abused its dominant position in the mobile app marketplace and will order Apple to resolve multiple regulatory breaches. The agency started investigating the tech giant after developer Kaspersky Lab filed a complaint over the rejection of its Read more about Russia’s antitrust watchdog finds Apple abused App Store ‘dominance’[…]
In December 2019 I wrote about The Growing Problem of Malicious Relays on the Tor Network with the motivation to rise awareness and to improve the situation over time. Unfortunately instead of improving, things have become even worse, specifically when it comes to malicious Tor exit relay activity. Tor exit relays are the last hop Read more about How > 23% of Tor Relays are Maliciously Exploiting Users and stealing BTC in 2020 seemingly run by 1 actor[…]
The U.S. Department of Commerce and the European Commission have initiated discussions to evaluate the potential for an enhanced EU-U.S. Privacy Shield framework to comply with the July 16 judgment of the Court of Justice of the European Union in the Schrems II case. This judgment declared that this framework is no longer a valid Read more about Privacy Shield no longer valid: Joint Press Statement from U.S. Secretary of Commerce Wilbur Ross and European Commissioner for Justice Didier Reynders[…]
More than 3.7 million. That’s the latest number of surveillance cameras, baby monitors, doorbells with webcams, and other internet-connected devices found left open to hijackers via two insecure communications protocols globally, we’re told. This is up from estimates of a couple of million last year. The protocols are CS2 Network P2P, used by more than Read more about Peer-to-peer takes on a whole new meaning when used to spy on 3.7 million or more cameras, other IoT gear[…]
President Trump said Monday that TikTok will be shut down in the U.S. if it hasn’t been bought by Microsoft or another company by Sept. 15, and argued — without elaborating — that the U.S. Treasury should get “a very substantial portion” of the sale fee. Why it matters: Trump appears to have backed off Read more about Trump says TikTok will be banned if not sold by Sept. 15, demands cut of sale fee because he made the deal possible. Extortion much?[…]
Misconfigured AWS S3 storage buckets exposing massive amounts of data to the internet are like an unexploded bomb just waiting to go off, say experts. The team at Truffle Security said its automated search tools were able to stumble across some 4,000 open Amazon-hosted S3 buckets that included data companies would not want public – Read more about Leaky AWS S3 buckets are so common, they’re being found by the thousands now – with lots of buried secrets[…]
Starting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a ‘Severe’ security risk. The HOSTS file is a text file located at C:\Windows\system32\driver\etc\HOSTS and can only be edited by a program with Administrator privileges. […] Microsoft now detects HOSTS files that block Windows telemetry Since Read more about Windows 10: HOSTS file blocking telemetry is now flagged as a risk[…]
A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community. According to a review, Read more about Hacker leaks passwords for 900+ enterprise Pulse VPN servers[…]
With over 3 billion users globally, smartphones are an integral, almost inseparable part of our day-to-day lives. As the mobile market continues to grow, vendors race to provide new features, new capabilities and better technological innovations in their latest devices. To support this relentless drive for innovation, vendors often rely on third parties to provide Read more about 400 faults found in Qualcomm chips powering your mobile phone with big implications[…]
New York state is introducing a bill that would make it easier to sue big tech companies for alleged abuses of their monopoly powers. New York is America’s financial center and one of its most important tech hubs. If successfully passed, the law could serve as a model for future legislation across the country. It Read more about New York unveils landmark antitrust bill that makes it easier to sue tech giants[…]