by Paul Ducklin In case you’ve never heard of it, Have I Been Pwned, or HIBP as it is widely known, is an online service run out of Queensland in Australia by a data breach researcher called Troy Hunt. The idea behind HIBP is straightforward: to give you a quick . . . Read more
People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen Google is extending its Password Checkup feature to Android in a bid to help people make their online accounts more secure. Originally introduced as an extension for the Google Chrome web browser two . . . Read more
Co-authored by Sally Adam and Doug Aamoth Many pupils are starting their new school term from home rather than the classroom. For families with younger kids, home schooling is often the first time that their children have needed to use computers (rather than gaming consoles) in earnest. Whether you’re new to home schooling, going back to it after a break, or . . . Read more
Point-of-sale terminal vendors Verifone and Ingenico have issued mitigations after researchers found the devices use default passwords.
Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay. Researchers have found serious security and privacy in 11 different smart doorbells, distributed via online marketplaces like Amazon and eBay, which could . . . Read more
This won’t be music to your ears – researchers spot an unsecured database replete with records used for an account hijacking spree Researchers have found an unsecured internet-facing database containing over 380 million individual records, including login credentials that were leveraged for breaking into 300,000 to 350,000 Spotify accounts. The . . . Read more
They’re supremely easy to remember, as well as easy to crack. Here’s how to improve your password security. The post The worst passwords of 2020: Is it time to change yours? appeared first on WeLiveSecurity
The North Face has reset an undisclosed number of customer accounts after detecting a credential-stuffing attack on its website. The North Face has reset its customers’ passwords after attackers launched a credential-stuffing attack against the popular outdoor outfitter’s website. In a recent data-breach notification, the company told customers that it . . . Read more
Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum.
Trump’s weak Twitter password and lack of basic two-factor authentication protections made it shockingly simple to hack his account, Dutch security researcher Victor Gevers reported. Dutch ethical hacker Victor Gevers claims it only took five attempts to guess the password to President Donald Trump’s Twitter account — “maga2020!”. That’s . . . Read more