A flaw in the Bluetooth communication protocol may expose modern device users to tracking and could leak their ID, researchers claim. The vulnerability can be used to spy on users despite native OS protections that are in place and impacts Bluetooth devices on Windows 10, iOS, and macOS machines. This includes iPhones, iPads, Apple Watch models, MacBooks, and Microsoft tablets & laptops. Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy. On Wednesday, researchers from Boston University David Starobinski and...…A flaw in the Bluetooth communication protocol may expose modern device users to tracking and could leak their ID, researchers claim. The vulnerability can be used to spy on users despite native OS protections that are in place and impacts Bluetooth devices on Windows 10, iOS, and macOS machines. This includes iPhones, iPads, Apple Watch models, MacBooks, and Microsoft tablets & laptops. Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy. On Wednesday, researchers from Boston University David Starobinski and...WW…

At 11:30 pm on Monday, 10 June, my oldest daughter shook my shoulder to wake me up from a deep sleep. She said that it appeared my Twitter account had been hacked. It turns out that things were much worse than that. Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy.After rolling out of bed, I picked up my Apple iPhone XS and saw a text message that read, "T-Mobile alert: The SIM card for xxx-xxx-xxxx has been changed. If this change is not authorized, call 611." Well, seeing as how T-Mobile took away my...…At 11:30 pm on Monday, 10 June, my oldest daughter shook my shoulder to wake me up from a deep sleep. She said that it appeared my Twitter account had been hacked. It turns out that things were much worse than that. Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy.After rolling out of bed, I picked up my Apple iPhone XS and saw a text message that read, "T-Mobile alert: The SIM card for xxx-xxx-xxxx has been changed. If this change is not authorized, call 611." Well, seeing as how T-Mobile took away my...WW…

Is Internet Explorer (IE) a browser? According to Microsoft, no. Today, it's a 'compatibility solution' for enterprise customers to deal with legacy sites that should be updated for modern browsers. Chris Jackson, Microsoft's worldwide lead for cybersecurity, really doesn't want enterprise customers to use IE for all web traffic, even though for some organizations that would be the easiest option.  Companies in that situation are willing to take on 'technical debt', such as paying for extended support for a legacy software, but that habit needs to stop in the case of IE, argues Jackson in ,...…Is Internet Explorer (IE) a browser? According to Microsoft, no. Today, it's a 'compatibility solution' for enterprise customers to deal with legacy sites that should be updated for modern browsers. Chris Jackson, Microsoft's worldwide lead for cybersecurity, really doesn't want enterprise customers to use IE for all web traffic, even though for some organizations that would be the easiest option.  Companies in that situation are willing to take on 'technical debt', such as paying for extended support for a legacy software, but that habit needs to stop in the case of IE, argues Jackson in ,...WW…

Hackers have breached the severs of email provider VFEmail.net and wiped the data from all its US servers, destroying all US customers' data in the process.The attack took place yesterday, February 11, and was detected after the company's site and webmail client went down without notice."At this time, the attacker has formatted all the disks on every server," the company said yesterday. "Every VM is lost. Every file server is lost, every backup server is lost.""This was more than a multi-password via SSH exploit, and there was no ransom. Just attack and destroy," VFEmail said.The company's...…Hackers have breached the severs of email provider VFEmail.net and wiped the data from all its US servers, destroying all US customers' data in the process.The attack took place yesterday, February 11, and was detected after the company's site and webmail client went down without notice."At this time, the attacker has formatted all the disks on every server," the company said yesterday. "Every VM is lost. Every file server is lost, every backup server is lost.""This was more than a multi-password via SSH exploit, and there was no ransom. Just attack and destroy," VFEmail said.The company's...WW…

Users of the photography site 500px will need to reset their passwords, following a breach where an attacker was able to take "partial user data" from July 5 last year.According to a by the company, the data types hit include usernames, first and last names, email address, password hash, date of birth, address information, and gender. "If you were a 500px user on or prior to July 5, 2018, you have been affected," the company said. "We've concluded this issue affected certain information that users provided when filling out their user profiles." 500px said it learned of the issue on February...…Users of the photography site 500px will need to reset their passwords, following a breach where an attacker was able to take "partial user data" from July 5 last year.According to a by the company, the data types hit include usernames, first and last names, email address, password hash, date of birth, address information, and gender. "If you were a 500px user on or prior to July 5, 2018, you have been affected," the company said. "We've concluded this issue affected certain information that users provided when filling out their user profiles." 500px said it learned of the issue on February...WW…

New provisions made to China's Cybersecurity Law last November gives state agencies the legal authority to remotely conduct penetration testing on any internet-related business operating in China, and even copy and later share any data government officials find on inspected systems.Any company that provides an internet-related service with more than five internet-connected computers is susceptible to these inspections.The Chinese government agency tasked with carrying out these penetration tests is the Ministry of Public Security (MPS), the same agency which also maintains China's Great...…New provisions made to China's Cybersecurity Law last November gives state agencies the legal authority to remotely conduct penetration testing on any internet-related business operating in China, and even copy and later share any data government officials find on inspected systems.Any company that provides an internet-related service with more than five internet-connected computers is susceptible to these inspections.The Chinese government agency tasked with carrying out these penetration tests is the Ministry of Public Security (MPS), the same agency which also maintains China's Great...WW…

An independent report authored by a US government auditing agency has recommended that Congress develop internet data privacy legislation to enhance consumer protections, similar to the EU's General Data Protection Regulation (GDPR).was put together by the US Government Accountability Office (GAO), a bi-partisan government agency that provides auditing, evaluation, and investigative services for Congress. Its reports are used for hearings and drafting legislation.The House Energy and Commerce Committee, which requested the GAO report two years ago, has scheduled a hearing for February 26,...…An independent report authored by a US government auditing agency has recommended that Congress develop internet data privacy legislation to enhance consumer protections, similar to the EU's General Data Protection Regulation (GDPR).was put together by the US Government Accountability Office (GAO), a bi-partisan government agency that provides auditing, evaluation, and investigative services for Congress. Its reports are used for hearings and drafting legislation.The House Energy and Commerce Committee, which requested the GAO report two years ago, has scheduled a hearing for February 26,...WW…

One of the facial recognition databases that the Chinese government is using to track the Uyghur Muslim population in the Xinjiang region has been left open on the internet for months, a Dutch security researcher told ZDNet.The database belongs to a Chinese company named SenseNets, which according to its website provides video-based crowd analysis and facial recognition technology.Yesterday, Victor Gevers, a well-known security researcher that in the past few years by finding leaky MongoDB databases did what he does best and found one of SenseNets' MongoDB databases that had been left...…One of the facial recognition databases that the Chinese government is using to track the Uyghur Muslim population in the Xinjiang region has been left open on the internet for months, a Dutch security researcher told ZDNet.The database belongs to a Chinese company named SenseNets, which according to its website provides video-based crowd analysis and facial recognition technology.Yesterday, Victor Gevers, a well-known security researcher that in the past few years by finding leaky MongoDB databases did what he does best and found one of SenseNets' MongoDB databases that had been left...WW…

With federal elections scheduled for late September in Germany, momentum is building behind using anti-botnet laws against automated social-media accounts that churn out disinformation.Do you like sharing your favorite music videos like ? Do you use Twitter to track  Do you link to ? Well, if the latest version of the EU Copyright Directive is passed by the European Parliament, you may not do any of the above. The directive will kill the internet as we know it. Also: The Directive on Copyright contains two poisonous articles: Article 11 and Article 13. The first requires news aggregator...…With federal elections scheduled for late September in Germany, momentum is building behind using anti-botnet laws against automated social-media accounts that churn out disinformation.Do you like sharing your favorite music videos like ? Do you use Twitter to track  Do you link to ? Well, if the latest version of the EU Copyright Directive is passed by the European Parliament, you may not do any of the above. The directive will kill the internet as we know it. Also: The Directive on Copyright contains two poisonous articles: Article 11 and Article 13. The first requires news aggregator...WW…

The reported investment of Chinese company Tencent in the Reddit platform has outraged users concerned over potential future censorship.Last week, which suggested Tencent was in charge of a Series D funding round designed to give Reddit a cash injection of between $150 million and $300 million.The funding round sets Reddit at a $2.7 billion pre-money valuation and comes after a Series C funding round, conducted in 2017, which raised $200 million for the content-sharing service. In total, Reddit has raised $250.1 million.The irony of Reddit joining forces with Tencent, especially considering...…The reported investment of Chinese company Tencent in the Reddit platform has outraged users concerned over potential future censorship.Last week, which suggested Tencent was in charge of a Series D funding round designed to give Reddit a cash injection of between $150 million and $300 million.The funding round sets Reddit at a $2.7 billion pre-money valuation and comes after a Series C funding round, conducted in 2017, which raised $200 million for the content-sharing service. In total, Reddit has raised $250.1 million.The irony of Reddit joining forces with Tencent, especially considering...WW…