How to secure your data after the Cloudflare leak

securityhall Cloudflare revealed yesterday that a bug in its code caused sensitive data to leak from some of the major websites that use its performance enhancement and security services. Uber, Fitbit, OkCupid and 1Password are among Cloudflare’s millions of clients, and it’s possible that personal data such as passwords and cookies leaked from many client websites during the five months… Read More

Security researchers announce “first practical” SHA-1 collision attack

shattered Security researchers at the CWI institute in Amsterdam working with a team from Google Research say they have found a faster way to compromise the SHA-1 hash algorithm — announcing what they describe as “the first practical technique for generating a SHA-1 collision” in a blog post today. Read More

Change this security setting on WhatsApp right now

Https%3a%2f%2fblueprint-api-production.s3.amazonaws.com%2fuploads%2fcard%2fimage%2f378572%2f9c9751f7-39d0-4324-acd6-9546500eac0c
Feed-twFeed-fb

WhatsApp just introduced a major update to its security settings and you should take advantage of it as soon as you can.

The app is officially adding support for two-step verification, which prevents someone else from activating your phone number without a six-digit passcode.

The feature, which has been testing in beta since November, is starting to roll out now to WhatsApp's iOS, Android and Windows apps. Head over to Settings —> Account —> Two-step verification —> Enable to activate it. 

Once you do, the app will ask you to provide an email and set a six-digit passcode. You don't have to provide your email address, but if you don't, you will have a more difficult time accessing your account should you forget your passcode (WhatsApp says it will prompt you to enter your code "periodically" in order to help you remember it.)  Read more...

More about Security, Facebook, Whatsapp, Apps And Software, and Tech

Google’s bug bounty program pays out $3 million, mostly for Android and Chrome exploits

security globe If you’re willing to hunt for flaws within its vast array of software and services, Google’s happy to pay up. Over the course of its 2016 Vulnerability Rewards Program, the company paid out $3 million—a third of the total $9 million that enthusiastic researchers have earned since the initiative, more colloquially known as a bug bounty program, launched in 2010. The… Read More

Facebook just added support for physical security keys and that’s a big plus

Https%3a%2f%2fblueprint-api-production.s3.amazonaws.com%2fuploads%2fcard%2fimage%2f363373%2f272c85d2-582b-4c82-8a6e-e43027a4d852
Feed-twFeed-fb

When the rollout of its newest privacy tools, Facebook snuck in a very useful update: support for physical security keys. That means you can now use any USB key that supports the universal second factor (U2F) standard to log into your Facebook account, confirming your identity just by tapping the key.

SEE ALSO: Facebook changes how it talks about privacy

What does this mean?

You can now use a physical key to log into your Facebook account just like you'd use a key to start a car. You'll still need to use the key in combination with your password (so if a person steals it, they won't be able to log in). You can even use a key to log into Facebook via Chrome on Android, that is, assuming both your phone and key have NFC wireless tech. Read more...

More about Passwords, Security, Facebook, and Tech

Your friends might be spying on your Facebook when you’re not looking

Https%3a%2f%2fblueprint-api-production.s3.amazonaws.com%2fuploads%2fcard%2fimage%2f358813%2f7313b0b1-e9df-41f1-b7c4-b38402cb6a1a
Feed-twFeed-fb

Ever suspected your friends may be snooping on your Facebook profile behind your back? It turns out they are, a new study shows.

New research from the University of British Columbia in Canada says 24 percent — or more than one in five subjects — had accessed someone else’s Facebook account without permission, and 21 percent have been victims (that knew about the unauthorized access).

The security community calls this kind of profile snooping a "social insider attack." This means the attacker knows the victim and gains access to the account by physically accessing the victim’s device, whether it's a phone, tablet, laptop or something else. Read more...

More about Social Insider Attacks, Security, Instagram, Snapchat, and Twitter

Facebook is changing how it talks about privacy

Https%3a%2f%2fblueprint-api-production.s3.amazonaws.com%2fuploads%2fcard%2fimage%2f361992%2f90b3f6e7-216e-467d-ac7a-9e3fc68786be
Feed-twFeed-fb

Facebook is now making it easier to keep your information private and secure.

As part of Data Privacy Day on Jan. 28, Facebook is launching a new version of its Privacy Basics page to help people understand how to take control of their information on the site. 

SEE ALSO: Your friends might be spying on your Facebook when you're not looking

The new site is mobile-friendly and redesigned based on user feedback. Facebook is also partnering with state attorneys general, privacy experts and others to help users understand how to manage their privacy online. There are 32 guides in 44 languages on the site, covering topics like managing your privacy, customizing who can view different parts of your profile and ways to increase account security. Read more...

More about Security, Privacy, Facebook, and Tech

Google’s Key Transparency project aims to ease a tough task in cryptography

cyber-security-data-sharing Those of us in userland may rarely have to worry about the nuts and bolts of encryption, but they exist nevertheless and must be replaced or updated now and then. Google is taking aim at one particularly stubborn nut, public key verification, with a new open source project called Key Transparency. Read More

Google’s Cloud Platform gets a new key management service

Keys for the Key Maker Google is launching a new key management service for its Cloud Platform today that will help enterprises — especially in regulated industries like healthcare and banking — to create, use, rotate and destroy their encryption keys in the cloud. The aptly named Google Cloud Key Management Service (Cloud KMS) is now available as a beta in select countries. Enterprises have… Read More

A Facebook Live video of torture stayed up for 30 minutes. Why?

Https%3a%2f%2fblueprint-api-production.s3.amazonaws.com%2fuploads%2fcard%2fimage%2f337945%2febd5c2a2-5013-4c3b-b1df-9f9c182a558a
Feed-twFeed-fb

Live video on Facebook: It's everywhere. On the News Feed, Facebook's algorithm promotes videos when they're streamed. There's a dedicated tab for live video on their mobile app. And in a massive ad campaign seen everywhere from airport walls to TV screens, Facebook's suggesting to you what to broadcast, and how to watch it.

But not everything you come across is safe viewing—for you, or for others.

Earlier this week, up to 16,000 people viewed the torturing of a man in Chicago, according to The Guardian. The video, which lasted about 30 minutes, depicted men gagging and beating another man, who was kept restrained with his mouth taped shut.  Read more...

More about Security, Police, Apps And Software, Tech, and Business
32 visitors online now
2 guests, 30 bots, 0 members
Max visitors today: 45 at 12:13 am UTC
This month: 84 at 02-24-2017 05:15 am UTC
This year: 84 at 01-27-2017 11:42 am UTC
All time: 279 at 10-18-2013 05:24 am UTC
Get Adobe Flash player