Darlene Storm (not her real name) is a freelance writer with a background in information technology and information security. It seems wise to keep an eye on new hacks and holes, to know what is possible and how vulnerable you might be. Most security news is about insecurity, hacking, cybersecurity and even privacy threats, bordering on scary. But when security is done right, it's a beautiful thing...sexy even. Security is sexy.
This is a weblog of Darlene Storm. The opinions expressed are those of Darlene Storm and may not represent those of Computerworld.
Well that was fast...four days after Samsung released the Galaxy S5, security researchers bypassed the fingerprint authentication, using the same fake finger as in the iPhone 5S hack, and gained access to the owner's PayPal account. Although Samsung spends about $256 per S5 build, it provides less security than Apple's $207 5S build.
Israeli Elite Force hackers doxed 16 members of Anonymous OpIsrael by using the hackers’ own webcams against them, showing yet another example of why you should cover your webcam when you are not using it.
Security researchers released a "car hacking for poories" guide so anyone can afford to try attacking vehicles. Yet one of the strangest ‘attacks’ is coming from spiders, the eight-legged kind. Mazda will issue updated software for 42,000 recalled Mazda6s to fix the spider problem.
Is it possible to ensure online privacy and truly have secure digital communications? Scientists believe their new encryption scheme gives an "infinite number of choices for the secret encryption key shared between the sender and receiver" and therefore promises to be "so nearly unbreakable that it will be equally unwelcome to internet criminals and official eavesdroppers."
When it comes to security, “smart” as in smart TV is like an oxymoron. This time Philips hard-coded the default password, which is an uninspired ‘Miracast,’ into the Miracast wireless network. In a nutshell, that means anyone within range could connect to the TV remotely to carry out everything from mischievous to devious acts. Revuln researchers suspect all 2013 Philips smart TVs, due to the firmware version, are at risk.
A six-character password securing a Tesla Model S account was called a potential security threat that might allow an attacker to unlock the doors, but a scarier potential threat discussed at Black Hat Asia is a $20 'untraceable' device that could allow an attacker to remotely take control of a car from 'miles away.'
You may not see that little Snoopy drone hovering overhead, but your smartphone may think it's a familiar Wi-Fi network and connect to it, allowing hackers to steal all the sensitive data from your device or even to track you.
You need to install Android system updates, but privilege escalation flaws leave billions of Android devices at risk of being hacked when you install those system security updates. Researchers identified a new class of security vulnerability in the way Android updates and warned that all Android devices are vulnerable to "Pileup" flaws. They also released a free Android security app to scan for malicious apps before every system update.
It's Sunshine Week, but government transparency is still hard to find. Federal agencies, like DHS for example, are failing to respond to Freedom of Information Act requests. 7 of 15 agencies received the grade of "F." Half of all federal agencies don't bother to update their FOIA regulations and 2013 weighed in as the most-censored year yet.
SEA hackers targeted CENTCOM in response to US intentions to launch cyberattacks on Syria. Although the attackers tweeted a screenshot showing access to US Army data, US CENTCOM denied it was hacked. The US Army is embarrassed, but it's in regards to Thrift Saving Plan spear phishing emails traced back to the Army three weeks later; the fake e-mail was part of a cybersecurity test, but it set off panic.