Privacy

Customer Support A Weak Link In Two Factor | Ars Technica

Ars Technica has an interesting write-up on an apparently successful compromise of Google’s two-factor authentication technology. Though in this case, the culprit wasn’t any system Google deployed or managed, but a gullible customer support representative working for the victim’s cell phone carrier. According to this post over at Facebook-for-hipsters site Ello.co, Grant Blakeman woke up on a recent Saturday morning to find that his Google account had been hijacked – despite the fact that he used Google’s two-factor authentication to protect access to the account. How? Blakeman enlisted the help of none-other than Mat Honan, whose own struggles with account hijacking became the subject of a much-cited Wired feature article. As with Honan, Blakeman’s valuable three-character Instagram account, @gb, appears to have been the lure for hackers. (Honan’s @mat Twitter account was what lured his attackers.) Read “Researchers sidestep Paypal Two-Factor Authentication.” After a conversation with Honan, Blakeman contacted his cell provider and […]

Continue Reading

You’re Doing NAT Wrong! One Million SOHO Routers Vulnerable

A vulnerability in more than 1 million small office and home office (or SOHO) routers makes them potentially vulnerable to remote attacks that could expose private internal network traffic to prying eyes, according to a warning posted by the firm Rapid7.

Continue Reading

Refrigerator Spam And Other Tall Tales: The Enterprise IoT Risk

On Thursday, I will chair an excellent discussion of security and the Internet of Things at the Qualys Security Conference (QSC) in Las Vegas. The discussion has the working title “Refrigerator Spam and Other Tall Tales: Assessing the Real Internet of Things Risk for Your Organization.“  As the title suggests, we’ll be disclaiming the FUD (fear, uncertainty and doubt) that surrounds much of the IoT and security space, while also highlighting the real risks that more and diverse connected devices pose to enterprises. I’ll be joined on stage by some truly exceptional minds. Among them: Danny McPherson, the Senior Vice President and Chief Security Officer at Verisign and Jonathan Trull, Chief Information Security Officer, Qualys. (Jon was our guest at the first Security Ledger/Invincea CISO hangout last week.). On stage with us will be Chris Rezendes, the President of INEX Advisors and one of our moderators at The Security of Things Forum.  We’ll also be joined […]

Continue Reading

McKinsey: Consumers Want Connected Cars – And Fear Them, Too

The consulting firm McKinsey & Co. has released an interesting report on the future of connected vehicles. But it has some sobering data for car makers: concerns about privacy and the possibility that connected cars could be hacked are major concerns for consumers that could dampen enthusiasm for smart vehicles. The report, “What’s Driving the Connected Car?” finds that connectivity features will be a major driver of car sales in the coming years, with car buyers increasingly accustomed to vehicles that sport sophisticated interactive and networking features. That said: security concerns may hamper the “rapid and broad adoption” of connected vehicle technology. For its report, McKinsey interviewed 2,000 new car buyers in four countries: Brazil, China, Germany and the U.S. The survey found that a quarter of respondents considered connectivity a more important feature than engine power or even fuel efficiency. The firm estimates that connectivity features will become increasingly important selling features […]

Continue Reading

New York City Phone Booths Add Beacons, Stoke Controversy

The web site Buzzfeed has a scoop today about a stealthy deployment of beacon technology in Manhattan that has some privacy experts concerned. According to the exclusive report, by Buzzfeed’s Joseph Bernstein and Jeremy Singer-Vine, Titan a media company that sells ad space in more than 5,000 phone kiosk panels in New York City’s five boroughs, has installed about 500 beacons on its ad panels. The company went forward with the deployment with the blessing of New York City’s Department of Information Technology and Telecommunications (DoITT), but without any public input, Buzzfeed reported. Beacons are wireless devices that interact with mobile phones and other portable electronics. They’re used to provide location-specific data and interactions, such as advertisements linked to nearby businesses or to track the movements of an individual within a defined space (such as a show floor). In the case of the phone booth beacons, Titan and Sbordone, the company that provides the display […]

Continue Reading
1 15 16 17 18 19 47