When Apple announced that the Apple Watch would be able to use Apple Pay, the company's new mobile payment initiative, many wondered how secure the payments would be if the device lacked the security of Touch ID, which is used in the iPhone 6's implementation. Now, several members of the press have confirmed how the system works.
You can be forgiven if the FIDO Alliance is not on your radar screen. It was launched barely 18 months ago, to help solve the “password crisis” online; but it’s already proven to be one of most influential security bodies we’ve yet seen.
The typical Internet user has dozens of accounts and passwords. Not only are they a pain in the rear, poor passwords practices are increasingly implicated in fraud and terrible misadventures like the recent “iCloud Hack” which exposed celebrities’ personal details.
Talk about finding a needle in a haystack.
The Defense Advanced Research Projects Agency says it wants to develop sophisticated code that can find faults in key algorithms used to anchor major software packages that for example implement hash tables or conduct password checks.
In recent weeks you’ve heard a lot of discussion around the cyber risks to aircraft and automobiles. After the Black Hat, DefCon and BSides conferences in Las Vegas, Nev., in July, it would seem that a great deal of necessary attention will be paid to the security of design and implementation of these two key critical transportation components. The cybersecurity volunteer organization I Am The Cavalry has created an awareness campaign (which I have signed on to and you should too!) aimed at automakers.
The hackers behind the Kelihos botnet are trying to capitalize on users' increased awareness about the security of Apple online accounts through a new phishing campaign.
According to security researchers from Symantec, the Kelihos botnet has started sending spam emails that purport to be security alerts from Apple informing recipients that a purchase was made using their Apple ID from the iTunes Store. Apple IDs are the accounts that customers use to access Apple's online services.
Much of what we’re expecting at Apple’s iPhone 6 event we already think we know, but that doesn’t mean Apple isn’t doubling down on security ahead of its Sept. 9 event. Folks involved at the Flint Center for the Performing Arts say security is extremely tight; Apple is supposedly covering phone cameras of construction and catering staff with tamper-proof tape, which changes colors if removal is attempted.
By sniffing out the details of network communications, University of New Haven researchers have uncovered a host of data-leakage problems in Instagram, Vine, Nimbuzz, OoVoo, Voxer and several other Android apps.
Security advisories for OpenSSL should not be used for competitive advantage, according to the development project behind the widely used cryptography component.
The warning comes from the OpenSSL Project, which has published for the first time guidelines for how it internally handles security problems, part of an ongoing effort to strengthen the project following the Heartbleed security scare in April.
Home Depot revealed Monday that a security breach of customer payment data did occur at its stores, confirming suspicions raised last week that millions of its customers could be at risk of fraud.
Following an announcement last Tuesday it was investigating "unusual activity" related to customer payment cards, the Atlanta-based home improvement retailer said any customer who used a credit or debit card in its US stores since April could be affected by the breach.
It has not been a pretty week for Home Depot. Last Tuesday security researcher Brian Krebs reported that there were signs of a massive breach at the retailer and then later, that the breach looked to be especially large, impacting just about all of the retailer’s stores across the country.
Home Depot said it was investigating the “unusual activity.”
