lorenzofb

lorenzofb , 8 days ago to random

NEW: We spoke to official Kaspersky resellers in the U.S. about upcoming sales ban.

They are angry, confused, and worried that the ban will cost them time and money—and was just a political move.

One told us that it will take him 2 months to migrate all his customers to another antivirus, and he will have to pay for it since he doesn't feel like he can charge customers for the change. “It was my suggestion that they use Kaspersky and now Kaspersky is being banned by the United States government. What am I supposed to do?”

The ban and sanctions "are complete bullshit,” another said.

https://techcrunch.com/2024/06/26/how-the-kaspersky-ban-will-hit-resellers-in-the-us/

lorenzofb , 13 days ago to random

NEW: The U.S. government has sanctioned 12 executives and senior leaders of Russian cybersecurity giant Kaspersky.

Notably, Eugene Kaspersky and company itself are not on the sanctions list.

These sanctions come a day after the U.S. government banned the sale of Kaspersky software in the United States.

https://techcrunch.com/2024/06/21/u-s-government-sanctions-kaspersky-executives/

lorenzofb , 14 days ago to random

NEW: U.S. government bans sale of Kaspersky software in the country — both consumers and businesses — due to security and privacy risks from Russian government.

“First of its kind” sales ban starts on July 20. After Sept. 29 Kaspersky can't send updates to U.S. customers.

“Russia has shown it has the capacity, and even more than that, the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans. And that’s why we are compelled to take the action that we’re taking today,” U.S. Commerce Secretary Gina Raimondo said in a call with reporters.

https://techcrunch.com/2024/06/20/us-bans-kaspersky-software-security-risk-russia/

lorenzofb , 16 days ago to random

NEW: An unpatched bug allows anyone to spoof any Microsoft corporate email address, giving malicious hackers a better chance to send credible and harder to spot phishing emails.

Researcher demonstrated to us the bug, sending an email that looked like it was from Microsoft's account security team. The bug only works if target uses an Outlook account.

https://techcrunch.com/2024/06/18/security-bug-allows-anyone-to-spoof-microsoft-employee-emails/

lorenzofb , 1 month ago to random

NEW: There are A LOT of reasons why you should never use stalkerware. We break them all up here.

And we also publish — finally! — a thorough recap of all the hacks and data leaks suffered by stalkerware vendors.

Spoiler alert: there have been 20 (!!!) stalkerware vendors since 2017 that have either been hacked or left sensitive customer and victim data online.

Of those 20, eight have shut down. And there are some other reasons to be optimistic that these apps may be becoming less popular and effective.

https://techcrunch.com/2024/05/31/hacked-leaked-exposed-why-you-should-stop-using-stalkerware-apps/

lorenzofb , 1 month ago to random

NEW: Japanese crypto exchange DMM Bitcoin announced that it suffered a data breach resulting in the theft of around $305 million.

According to a tally by crypto tracking firm Elliptic, this is the eighth largest crypto theft in history.

The company pledged to return all the stolen funds.

https://techcrunch.com/2024/05/31/hackers-steal-305-million-from-dmm-bitcoin-crypto-exchange/

lorenzofb , 1 month ago to random

NEW: Rock giants Bring Me The Horizon hid a QR code inside a song, as a spectrogram.

The QR code led to a hidden hacking-themed website containing unreleased tracks, mysteries to unravel, and codes to crack.

Of course, someone actually hacked the site, forcing the devs to temporarily take it down and scold the hackers.

https://techcrunch.com/2024/05/28/rock-bands-hidden-hacking-themed-website-gets-hacked/

lorenzofb , 1 month ago to random

Time for another updated (although probably incomplete) list of hacked stalkerware makers. If I missed any, please let me know. It's becoming hard to keep track.

-Retina-X (2x)
-FlexiSpy
-Mobistealth
-Spy Master Pro
-SpyHuman
-Spyfone
-Family Orbit
-mSpy
-Copy9
-Xnore
-TheTruthSpy (3x)
-KidsGuard
-Xnspy
-Support King
-LetMeSpy
-Spyhide
-WebDetective
-OwnSpy
-pcTattletale

lorenzofb , 1 month ago to random

SCOOP: A hacker stole subscriber information from the pro-conservative and Christian cell phone carrier Patriot Mobile.

Stolen data, which we verified, includes full names, email addresses, home zip codes, and account PINs.

Patriot Mobile says its mission is "to passionately defend our God-given Constitutional rights and freedoms while glorifying God.”

If only they were so passionate about protecting customer data...

https://techcrunch.com/2024/05/21/conservative-cell-carrier-patriot-mobile-hit-by-data-breach/

lorenzofb , 1 month ago to random

NEW: Security researchers found a bug that potentially allows millions of people to get free laundry.

The two found the flaw in the official app of CSC ServiceWork, a company that provides laundry services for hotels, universities and residential buildings.

The company has so far ignored the researchers' reports, so the bug has not been fixed.

https://techcrunch.com/2024/05/17/csc-serviceworks-free-laundry-million-machines/

lorenzofb , 1 month ago to random

NEW: Healthcare provider WebTPA disclosed a data breach this month, which happened more than a year ago.

The company said the breach affected almost 2.5 million people, some of whom had their SSNs stolen.

But the company hasn't said how many people exactly got their SSNs stolen. WebTPA spokespeople did not respond to our questions seeking clarification.

https://techcrunch.com/2024/05/17/healthcare-company-webtpa-discloses-breach-affecting-2-5-million-people/

lorenzofb , 1 month ago to random

NEW: One of the top European privacy watchdogs is investigating Dell after the company's recent data breaches.

Ireland’s Data Protection Commission (DPC) confirmed to TechCrunch that it has received a breach notification and “it's currently under assessment.”

Dell's EU headquarters are in Ireland, like several other big tech companies, which gives the DPC jurisdiction to investigate.

https://techcrunch.com/2024/05/16/ireland-privacy-watchdog-confirms-dell-data-breach-investigation/

lorenzofb , 1 month ago to random

NEW: Spanish police identified a pro-Catalan independence activist thanks to legal requests to Apple, and encrypted services Wire and Protonmail, according to court documents we obtained.

Spanish authorities used legal requests that listed "terrorism" as the nature of the investigation.

This story shows that using apps that encrypt content won't save you if there's personal info in the metadata.

https://techcrunch.com/2024/05/08/encrypted-services-apple-proton-and-wire-helped-spanish-police-identify-activist/

lorenzofb , 2 months ago to random

NEW: A crypto wallet maker said it had "credible intelligence" that hackers could target iPhone users with a zero-day, and even recommended turning off iMessage.

But the "credible intelligence" was actually just an ad on a scammy-looking dark web site.

Zero-days exist and it's good for people to be aware, but this post went viral and basically just spread FUD.

https://techcrunch.com/2024/04/16/a-crypto-wallet-makers-warning-about-an-imessage-bug-sounds-like-a-false-alarm/

lorenzofb , 3 months ago to random

NEW: Facebook snooped on Snapchat users' encrypted network traffic to study how they behaved, unsealed court documents reveal.

This was part of a secret program called "Project Ghostbusters," and even inside the company, it was very controversial.

“I can’t think of a good argument for why this is okay. No security person is ever comfortable with this, no matter what consent we get from the general public. The general public just doesn’t know how this stuff works,” Pedro Canahuati, Facebook's then-head of security engineering, wrote in an email.

https://techcrunch.com/2024/03/26/facebook-secret-project-snooped-snapchat-user-traffic/

lorenzofb , 3 months ago to random

NEW: After the U.S. government sanctioned a spyware veteran, people who used to work in the spyware industry are concerned there could be more to come.

“If I had to come back to work actively in this industry, and I couldn’t find an exclusive customer that is extremely trustworthy, [sanctions] would be a risk,” a spyware veteran said. “A company, however serious, can never be 100% sure about how its customers act, and the political developments that can embroil them.”

https://techcrunch.com/2024/03/08/spyware-makers-concern-after-us-sanctions-spyware-veteran/

lorenzofb , 4 months ago to random

NEW: Elon Musk switched on X calling by default, which could potentially expose your IP address, and allow spam calls.

We tested how it works in different scenarios and even ran a network analysis test to break it all down.

And it's a real mess. We recommend you switch it off so you don't have to worry about all this.

https://techcrunch.com/2024/03/04/elon-musk-x-twitter-calling-privacy-switch-off/

lorenzofb , 4 months ago to random

NEW: Popular internet-connected video doorbells can be hijacked by anyone who's close to them, researchers find.

All someone needs to do is download an app, hold the doorbell's button for eight seconds, and they can pair the camera with their phone.

These vulnerable internet-connected video doorbells are still on sale on Amazon, while Temu and Walmart took them down after Consumer Reports alerted them.

https://techcrunch.com/2024/02/29/popular-video-doorbells-eken-tuck-hijacked-researchers/