A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. BleepingComputer reports: The REvil master decryptor was created by cybersecurity …
FTC says health apps must notify consumers about data breaches — or face fines
The U.S. Federal Trade Commission (FTC) has warned apps and devices that collect personal health information must notify consumers if their data is breached or shared with third parties without their permission. In a 3-2 vote on Wednesday, the FTC agreed on a new policy statement to clarify a decade-old 2009 Health Breach Notification Rule, […]
Ransomware: A market problem deserves a market solution
To fight ransomware attacks, appreciate the economics — the markets that enable ransomware — and change the market dynamics.
ExpressVPN Knew ‘Key Facts’ of Executive Who Worked For UAE Spy Unit
An anonymous reader quotes a report from Motherboard: ExpressVPN, a popular VPN company, said it was aware of the “key facts” of its chief information officer Daniel Gericke’s previous employment before hiring him. On Wednesday, the Department of Justi…
Emergency Software Patches Are on the Rise
Emergency software patches, in which users are pushed to immediately update phones and computers because hackers have figured out some novel way to break in, are becoming more common. From a report: Researchers raised the alarm Monday about a big one: …
Anonymous Hacks Epik Web Hosting
ArchieBunker writes: Members of the hacktivist collective Anonymous claim to have hacked web registration company Epik, allegedly stealing ‘a decade’s worth of data,’ including reams of information about its clients and their domains. Epik is controver…
Microsoft now lets you sign in without a password
Microsoft is further nudging users away from passwords by rolling out passwordless sign-in options to all consumer Microsoft accounts. The tech giant, like many others in the industry, has waged a war against traditional password-based authentication for some time. This is because passwords are a prime target for cyberattacks, since weak or reused passwords can […]
緊急通報できる防犯アプリは、本当に都市を“安全”にするのか:浮上するさまざまな懸念の理由
事件や事故が近くで発生した際に通知してくれる米国のサーヴィス「Citizen」に、身の危険を感じたときに助けを求められる有料の緊急通報機能が加わった。ところが、同社が過去に犯罪の通知に関して誤報やえん罪などの問題を起こしてきたという“前歴”ゆえに、新機能の信頼性について、不必要な通報や人為的なミスなどの懸念が持ち上がっている。
…
「Google ドキュメント」を狙うフィッシング詐欺、その脅威はいまだに続いている
グーグルの「Google ドキュメント」を狙ったマルウェアによる被害が2017年に問題になったが、実はこの問題が解決していなかった可能性が明らかになった。研究によると、グーグルによる対策が十分ではなかったことが明らかになったというのだ。
…
Apple Patches a NSO Zero-Day Flaw Affecting All Devices
Apple has released security updates for a newly discovered zero-day vulnerability that affects every iPhone, iPad, Mac and Apple Watch. Citizen Lab, which discovered the vulnerability and was credited with the find, urges users to immediately update th…