Zack Whittaker
Zack Whittaker
Security editor @TechCrunch • +1 646.755.8849 • he/him • zack.whittaker@techcrunch.com • http://tcrn.ch/tips • vaccinatedSource
New York City, NY
CRITIC
img-contested
N/A
2 reviews
PUBLIC
img-contested
N/A
3 reviews

RECENT ARTICLES

Sort by:
No Rating
Passwordstate users warned to ‘reset all passwords’ after attackers plant malicious update – TechCrunch

Passwordstate users warned to ‘reset all passwords’ after attackers plant malicious update – TechCrunch

Click Studios, the Australian software house that develops the enterprise password manager Passwordstate, has warned customers to reset passwords across their organizations after a cyberattack on the password manager.An email sent by Click Studios to customers said the company had confirmed that attackers had “compromised” the password manager’s software update feature in order to steal customer passwords.The email, posted by Polish news site Niebezpiecznik early on Friday, said the malicious update exposed Passwordstate customers over a 28-hour window between April 20-22. Once installed,...

techcrunch.com
Zack Whittaker
Apr 23
Worthy
Share
Save
Give Tip
Review
No Rating
FBI launches operation to remove backdoors from hacked Microsoft Exchange servers – TechCrunch

FBI launches operation to remove backdoors from hacked Microsoft Exchange servers – TechCrunch

A court in Houston has an FBI operation to “copy and remove” backdoors from hundreds of Microsoft Exchange email servers in the United States, months after hackers used to attack thousands of networks.The Justice Department on Tuesday, which it described as “successful.”In March, Microsoft discovered a new China state-sponsored hacking group — Hafnium — targeting Exchange servers run from company networks. The four vulnerabilities when chained together allowed the hackers to break into a vulnerable Exchange server and steal its contents. Microsoft fixed the vulnerabilities but the patches...

techcrunch.com
Zack Whittaker
Apr 13
Worthy
Share
Save
Give Tip
Review
No Rating
A bug in a popular iPhone app exposed thousands of call recordings – TechCrunch

A bug in a popular iPhone app exposed thousands of call recordings – TechCrunch

A security vulnerability in a popular iPhone call recording app exposed thousands of users’ recorded conversations.The flaw was discovered by Anand Prakash, a security researcher and founder of PingSafe AI, who found that the aptly named app allowed anyone to access the call recordings from other users — by knowing their phone number.But using a readily available proxy tool like Burp Suite, Prakash could view and modify the network traffic going in and out of the app. That meant he could replace his phone number registered with the app with the phone number of another app user, and access...

techcrunch.com
Zack Whittaker
Mar 9
Worthy
Share
Save
Give Tip
Review
No Rating
Indian state government website exposed COVID-19 lab test results – TechCrunch

Indian state government website exposed COVID-19 lab test results – TechCrunch

in a website run by the government of West Bengal in India exposed the lab results of at least hundreds of thousands of residents, though likely millions, who took a COVID-19 test.The website is part of the West Bengal government’s mass coronavirus testing program. Once a COVID-19 test result is ready, the government sends a text message to the patient with a link to its website containing their test results.But security researcher Sourajeet Majumder found that the link containing the patient’s unique test identification number was scrambled with base64 encoding, which can be easily...

techcrunch.com
Zack Whittaker
Mar 4
Worthy
Share
Save
Give Tip
Review
No Rating
Minneapolis police tapped Google to identify George Floyd protesters – TechCrunch

Minneapolis police tapped Google to identify George Floyd protesters – TechCrunch

Image Credits: / Getty ImagesPolice in Minneapolis obtained a search warrant ordering Google to turn over sets of account data on vandals accused of sparking violence in the wake of the police killing of George Floyd last year, TechCrunch has learned.The death of Floyd, a Black man killed by a white police officer in May 2020, prompted thousands to across the city. But violence soon erupted, which police say began seen in a viral video with an umbrella and smashing windows of an auto-parts store in south Minneapolis. The AutoZone store was the first among dozens of buildings across the city...

techcrunch.com
Zack Whittaker
Feb 7
Worthy
Share
Save
Give Tip
Review
No Rating
Minneapolis police tapped Google to identify George Floyd protesters – TechCrunch

Minneapolis police tapped Google to identify George Floyd protesters – TechCrunch

obtained a search warrant ordering Google to turn over sets of account data on vandals accused of sparking violence in the wake of the police killing of George Floyd last year, TechCrunch has learned.The death of Floyd, a Black man killed by a white police officer in May 2020, prompted thousands to across the city. But violence soon erupted, which police say began seen in a viral video with an umbrella and smashing windows of an auto-parts store in south Minneapolis. The AutoZone store was the first among dozens of buildings across the city set on fire in the days following.The search...

techcrunch.com
Zack Whittaker
Feb 6
Worthy
Share
Save
Give Tip
Review
No Rating
Clearview AI ruled ‘illegal’ by Canadian privacy authorities – TechCrunch

Clearview AI ruled ‘illegal’ by Canadian privacy authorities – TechCrunch

Controversial facial recognition startup Clearview AI violated Canadian privacy laws when it collected photos of Canadians without their knowledge or permission, the country’s top privacy watchdog has ruled.The New York-based company made its splashy newspaper debut a year ago by claiming it had of people’s faces and touting its connections to law enforcement and police departments. But the startup has faced a slew of criticism for scraping social media sites also without their permission, prompting Facebook, LinkedIn and Twitter to send cease and desist letters to demand it stops.In ,...

techcrunch.com
Zack Whittaker
Feb 3
Worthy
Share
Save
Give Tip
Review
No Rating
Scraped Parler data is a metadata gold mine – TechCrunch

Scraped Parler data is a metadata gold mine – TechCrunch

Embattled social media platform after Apple, Google and Amazon on the site after the violent riot at the U.S. Capitol last week that left five people dead.But while the site is gone (for now), millions of posts published to the site since the riot are not.A lone hacker scraped millions of posts, videos and photos published to the site after the riot but before the site , preserving a huge trove of potential evidence for law enforcement investigating the attempted insurrection by many who allegedly the breach of the Capitol.The hacker and internet archivist, who goes by the online handle ,...

techcrunch.com
Zack Whittaker
Jan 11
Worthy
Share
Save
Give Tip
Review
No Rating
FBI, NSA say ongoing hacks at US federal agencies ‘likely Russian in origin’ – TechCrunch

FBI, NSA say ongoing hacks at US federal agencies ‘likely Russian in origin’ – TechCrunch

The U.S. government says hackers “likely Russian in origin” are responsible for breaching the networks of at least 10 U.S. federal agencies and several major tech companies, including and Microsoft.In a joint statement published Tuesday, the FBI, the NSA and Homeland Security’s cybersecurity advisory unit, CISA, said that the government was “still working to understand the scope” of the breach, but that the breaches are likely an “intelligence gathering effort.”The compromises are “ongoing,” the statement said.The statement didn’t name the breached agencies, but the Treasury, State and the...

techcrunch.com
Zack Whittaker
Jan 5
Worthy
Share
Save
Give Tip
Review
No Rating
Ring refuses to say how many users had video footage obtained by police

Ring refuses to say how many users had video footage obtained by police

Ring gets a lot of criticism, not just for its massive surveillance network of home video doorbells and its problematic privacy and security practices, but also for giving that doorbell footage to law enforcement. While Ring is making moves towards transparency, the company refuses to disclose how many users had their data given to police. The video doorbell maker, acquired by Amazon in 2018, has partnerships with at least 1,800 U.S. police departments (and growing) that can request camera footage from Ring doorbells. Prior to a change this week, any police department that Ring partnered...

techcrunch.com
Zack Whittaker
5 days ago
Worthy
Share
Save
Give Tip
Review
  • Total 28 items
  • 1
  • 2
  • 3
OUTLETS
techcrunch.com

techcrunch.com

CRITIC
img-trusted
67%
PUBLIC
img-trusted
80%
zdnet.com

zdnet.com

CRITIC
img-contested
N/A
PUBLIC
img-trusted
75%