The past twelve months in cybersecurity have been a rough ride. In cybersecurity, everything is broken — it’s just a matter of finding it — and this year felt like everything broke at once, especially towards the end of the year. But for better or worse, we end the year knowing more than we did […]
Fisher-Price’s Chatter phone has a simple but problematic Bluetooth bug
As nostalgia goes, the Fisher-Price Chatter phone doesn’t disappoint. The classic retro kids toy was given a modern revamp for the holiday season with the new release for adults which, unlike the original toy designed for kids, can make and receive calls over Bluetooth using a nearby smartphone. The Chatter — despite a working rotary […]
Security flaws found in a popular guest Wi-Fi system used in hundreds of hotels
A security researcher says an internet gateway used by hundreds of hotels to offer and manage their guest Wi-Fi networks has vulnerabilities that could put the personal information of their guests at risk. Etizaz Mohsin told TechCrunch that the Airangel HSMX Gateway contains hardcoded passwords that are “extremely easy to guess.” With those passwords, which […]
Noname Security hits $1B valuation after $135M Series C raise
API security is all the rage these days, pushed into the limelight following a spate of high profile security incidents that saw reams of user data exposed or exfiltrated. Peloton spilled users’ private account information; Experian exposed the financial histories of millions of Americans; and Facebook, LinkedIn, and Clubhouse all had user data scraped en […]
Gift Guide: The smart home starter kit
A year ago I accidentally turned my house into a smart home. What started out as an easy (and lazy, let’s be honest) way to switch off the radio in the kitchen without getting up from the couch quickly became an obsession to remotely control and automate as much of my house as possible. What […]
GoDaddy says data breach exposed over a million user accounts
Web hosting giant GoDaddy has reported a data breach with U.S. financial regulators, and warns that data on 1.2 million customers may have been accessed. In a filing with the Securities and Exchange Commission, GoDaddy’s chief information security officer Demetrius Comes said the company detected unauthorized access to its systems where it hosts and manages […]
HPE says Aruba customer data compromised after data breach
HPE has confirmed that a “limited subset” of customer data was taken in a data breach involving its subsidiary Aruba Networks, a maker of networking equipment. The enterprise technology giant said in a statement that an unauthorized person used a private key to gain access to customer data stored in its Aruba Central cloud. HPE […]
A security bug in health app Docket exposed COVID-19 vaccine records
A security bug in the health app Docket exposed the private information of residents vaccinated against COVID-19 in New Jersey and Utah, where the app received endorsements from state officials. Docket lets residents download and carry a digital copy of their immunizations by pulling their vaccination records from their state’s health authority. The digital copy […]
Olympus US hack tied to sanctioned Russian ransomware group
An “ongoing” cyberattack against the Japanese technology giant Olympus was caused by a Russian ransomware group sanctioned by the U.S. government, according to two people with knowledge of the incident. A new malware variant known as Macaw was used in the attack that began on October 10, which encrypted Olympus’ systems in the U.S., Canada […]
A massive ‘stalkerware’ leak puts the phone data of thousands at risk
The private phone data of hundreds of thousands of people are at risk. Call records, text messages, photos, browsing history, precise geolocations and call recordings can all be pulled from a person’s phone because of a security issue in widely used consumer-grade spyware. But that’s about as much as we can tell you. TechCrunch repeatedly […]