Nervous Nissan UK drivers were today assured by the car maker that Connect EV app log-in failures are related to a migration of data onto a new platform rather than anything more nefarious.
Customers contacted The Reg after receiving what one described as a slew of password resets and some speculated on the potential cause.
According to a new ruling issued last week by a federal magistrate in Oakland, California, the government can't get a warrant granting permission to turn up at a local house allegedly connected to a criminal suspect, seize all digital devices, and force anyone found at the house to use biometrics to try to unlock those devices.
Pwn2Own has been the foremost hacking contest for more than a decade, with cash prizes paid for exploits that compromise the security of all manner of devices and software. Browsers, virtual machines, computers, and phones have all been fair game. Now in its 13th year, the competition is adding a new category—a Tesla Model 3, with more than $900,000 worth of prizes available for attacks that subvert a variety of its onboard systems.
A recently addressed vulnerability in Office 365 allowed attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes.
The issue, cloud security firm Avanan says, resided in the use of zero-width spaces (ZWSPs) in the middle of malicious URLs within the RAW HTML of the emails. This method breaks the URLs, thus preventing Microsoft’s systems from recognizing them and also preventing Safe Links from successfully protecting users.
Hardware security key maker Yubico has a new product in the works to give iPhones the same authentication technology available today to Android phones and to Windows and Mac personal computers.
Previewed at the CES show this week, the YubiKey for Lightning supports Apple's proprietary iPhone and iPad port on one end and the USB-C port common on Android phones and PCs. By tapping into logon standards such as FIDO 2, WebAuthn, and U2F, hardware security keys provide extra security in addition to passwords -- or sometimes with no password at all.
The prices for James Bond-style hacks keep growing, especially for those that hijack iPhones and secure messaging apps. It's the latest sign that governments and police forces around the world are as eager as ever to exploit software that's becoming ever more difficult to compromise.
In case you missed it, smart home devices are vulnerable to hackers.
Experts have been warning us for years that smart devices aren't so smart when it comes to security, showing us how easily a car, a doll or a security camera could be hacked. And hackers have done their best to prove the cybersecurity experts right -- from yelling at a baby through an internet-connected baby monitor to using vulnerable security camera systems to cripple the web's infrastructure.
A cyber security researcher canceled a hacking conference briefing on how he said he could crack biometric facial recognition on Apple Inc (AAPL.O) iPhones, at the request of his employer, which called the work “misleading.”
A year ago today, Intel coordinated with a web of academic and independent researchers to disclose a pair of security vulnerabilities with unprecedented impact. Since then, a core Intel hacking team has worked to help clean up the mess—by creating attacks of their own.
Twitter is claiming to have resolved a bug that allowed a group of London-based security researchers to post unauthorised tweets to the accounts of British celebrities and journalists. But the hackers who initially disclosed the vulnerability says that’s complete rubbish.
