We found that because of third-party SDKs many popular apps are exposing user data to the internet, with advertising SDKs usually to blame. They collect user data so they can show relevant ads, but often fail to protect that data when sending it to their servers. Read Full Article
In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others Read Full Article
In this research we’ll be revisiting the USB port – this time in attempts to intercept user authentication data on the system that a microcomputer is connected to. As we discovered, this type of attack successfully allows an intruder to retrieve user authentication data – even when the targeted system is locked. Read Full Article
The telecoms sector is under fire on all sides – hit by direct attacks on organizations and networks, indirect attacks in search of subscribers, and collateral damage from unrelated, targeted campaigns. This report reveals the many layers of vulnerability. Read Full Article
The RSA Conference 2015 is being held at the Moscone Center in San Francisco. It a massive event, with thousands of people in attendance. Read Full Article
Hotels used to offer customers free tablets while using their facilities. In one such hotel a free iPad especially installed in my room included a lot of private personal information from previous guests. Read Full Article
When we’re traveling we tend to bring lots of smart devices with us. It’s great to be able to share a beautiful photo, let people know where you are or put your latest news on Twitter or Facebook. It’s also… Read Full Article
Part 2. Tips for using ATMs and avoiding credit card cloning Are you planning to visit Brazil during the World Cup? Welcome! Hope you enjoy your stay! How are you planning to pay your bills while you’re here? Cash or… Read Full Article
Yesterday, Lavabit – a secure e-mail provider – announced that it’s closing down their operations. The official text and the Website looks like this: Lavabit was one of the very few secure e-mail service providers bringing security for its paid customers… Read Full Article
Before BlackHat and DefCon taking place this week in Las Vegas, another conference attracts security experts: Passwords13. A free to attend conference about Passwords and Authentication from attackers and defenders perspective. Last conference (Passwords12) in Oslo was the opposite when it… Read Full Article