Authentication

Google Patches Unicode Domain Phishing Bug in Chrome
Authentication, Privacy

Google Patches Unicode Domain Phishing Bug in Chrome

Google has patched a dangerous issue in Chrome that enabled attackers to spoof legitimate domains in the browser by using unicode characters rather than normal ones. That vulnerability is the result of the way that Chrome handles some unicode characters and it’s not necessarily a new issue. Security experts have […]

Facebook Launches Beta of New Account Recovery System
Authentication

Facebook Launches Beta of New Account Recovery System

Facebook has opened a beta program for its new Delegated Account Recovery system, which is designed to replace traditional email or SMS-based recovery processes. The Facebook system allows users to connect their Facebook accounts with other services and use that trusted link to recover access to one of the accounts. The company […]

Inside the Total Compromise of a $25 Billion Bank
Authentication, Hacking

Inside the Total Compromise of a $25 Billion Bank

ST. MAARTEN–On a quiet Saturday afternoon in October 2016, security researchers in Latin America began noticing some odd behavior in the Brazilian banking system. Customers visiting the  website of one of the country’s larger banks were being hit with automatic malware downloads, but as the researchers began investigating the incident, […]

Researchers Tie Bank Attacks to North Korea
Authentication, Hacking

Researchers Tie Bank Attacks to North Korea

ST. MAARTEN–New details discovered in the investigation into the string of attacks on banks around the world using the SWIFT network show have linked the intrusions to attackers based in North Korea. Separate research conducted by experts at SWIFT, Kaspersky Lab, and BAE Systems uncovered a trail of clues that, […]

Highly Effective Phishing Attack Targets Corporate Travelers
Authentication

Highly Effective Phishing Attack Targets Corporate Travelers

Attackers are using the lure of airline reservations as part of a highly effective phishing campaign that researchers say is successful about 90 percent of the time. The campaign targets corporate victims, and the attackers behind it seem to be doing quite a bit of research before sending the phishing […]

iOS 10.3 Fixes Dozens of Serious Flaws
Authentication, Device Security

iOS 10.3 Fixes Dozens of Serious Flaws

With the release of iOS 10.3 today, Apple has patched more than two dozen vulnerabilities that could lead to arbitrary code execution in a new release of iOS. Many of the code-execution bugs are in the iOS kernel and several others are in the FontParser component of the operating system. […]

Another Critical Bug Hits LastPass
Authentication, Identity

Another Critical Bug Hits LastPass

A few days after LastPass released a fix for some critical security flaws in its extensions for Chrome and Firefox, a researcher has identified a new vulnerability in the browser extension that allows an attacker to get full code execution on a target machine. The details of the new bug […]