Compared to a password that’s either too simple to be effective, or too hard to remember, a fingerprint is a great security tool. But they’re not infallible, in fact, they can be easily replicated with just a photo. So researchers are taking fingerprint security one step further and scanning them in three dimensions. »
Squads of Chinese hackers aren’t the only threat to internet infrastructure in the US, it would seem: the FBI is reportedly investigating “at least 11” physical attacks on high-capacity internet cables in the Bay Area dating back a year. »
Fallout from the cyberattack on the US Office of Personnel Management is already starting: Federal background checks have been shut down for six to eight weeks as a “proactive” security measure. New employees and contractors will be left in clearance limbo as OPM cleans up its system. »
A new system from MIT’s CSAIL, or Computer Science and Artificial Intelligence Laboratory, does something incredible to fix buggy software: It borrows healthy code from other applications–and then fixes the bug without ever accessing the original source code. »
Earlier this week, a Microsoft security researcher wrote a scathing account of how Samsung’s SW Update tool (installed by default on all Samsung PCs) is disabling Windows Update, potentially leaving millions of computers vulnerable to critical security flaws. Thankfully, Samsung’s crack bloatware programmers have seen… »
This self-contained snooping device can steal data from laptops within 19 inches of it, sniffing out information based on the radio waves that leak from processors as a result of their variations in power use. And, as its designers point out, it’s small enough to fit inside a pita. »
Windows updates are simultaneously very boring and incredibly important: they have a habit of shutting down your computer at the wrong moment, but also patch critical security flaws with alarming regularity. So if a manufacturer decided to disable Windows Update to favor its own crappy bloatware, that would be… »
Here’s some bad news for Android users. Security researchers have discovered 100+ more apps that fail to encrypt your login data properly, making it frightfully easy for hackers to steal your password. What’s worse: the vast majority of the app makers aren’t doing anything about it. »
Police used facial recognition technology to scan the faces of thousands of attendees at the Download music festival in the UK without their knowledge. Because this is the world we live in.
If you don’t already have two-step authentication enabled on your all your accounts, you really need to turn it on for anything sensitive. Here’s how.
A UK company claims to have invented the idea of using a set of emoji to replace a PIN number, suggesting that our stupid brains find it easier to remember the silly drawing people face things — and that the increased complexity of the emoji character set makes brute-forcing into our bank accounts substantially harder. »
It’s very hard to overstate how important the US power grid is to American society and its economy. Every critical infrastructure, from communications to water, is built on it and every important business function from banking to milking cows is completely dependent on it. »
Identified a security hole in a piece of well-known software? You could alert the maker to keep everyone safe — or you could sell it to the U.S. Navy, which will buy the information from you in order to build software to exploit the hole. »
This is a bad week to be a federal employee, and it just got worse. The AP is reporting on a second brutal cyberattack on the federal government revealed this week, carried out by the same hackers who reported accessed the records of every single federal employee. This second hack focused on grabbing extremely… »