After years of promises and limited tests, Meta has started rolling out default end-to-end encryption protection for Messenger. In an announcement, Mark Zuckerberg said that personal chats and calls will get default end-to-end encryption. However, encryption for group chats still…
Category: Security News | TechCrunch
Your mobile password manager might be exposing your credentials
A number of popular mobile password managers are inadvertently spilling user credentials due to a vulnerability in the autofill functionality of Android apps. The vulnerability, dubbed “AutoSpill,” can expose users’ saved credentials from mobile password managers by circumventing Android’s secure…
US senator warns governments are spying on Apple and Google users via push notifications
U.S. senator Ron Wyden (D-OR) has warned in a letter to the Justice Department that unidentified governments are spying on Apple and Google phone users through their push notifications. The letter says his office received a tip last year that…
CISA says US government agency was hacked thanks to ‘end of life’ software
U.S. cybersecurity agency CISA has warned that unknown hackers broke into the servers of a federal government agency by taking advantage of a previously known vulnerability in software that no longer receives updates — meaning the agency couldn’t have patched…
Millions of patient scans and health records spilling online thanks to decades-old protocol bug
Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as…
Used by only a few nerds, Facebook kills PGP-encrypted emails
In 2015, as part of the wave of encrypting all the things on the internet, encouraged by the Edward Snowden revelations, Facebook announced that it would allow users to receive encrypted emails from the company. Even at the time, this…
23andMe confirms hackers stole ancestry data on 6.9 million users
On Friday, genetic testing company 23andMe announced that hackers accessed the personal data of 0.1% of customers, or about 14,000 individuals. The company also said that by accessing those accounts, hackers were also able to access “a significant number of…
ArmorCode raises $40M to consolidate security data in one place
ArmorCode, a cybersecurity platform that gathers vulnerability data from connected apps and software infrastructure, consolidating the data into a single location and standardizing it for analysis, has raised $40 million in a Series B round led by HighlandX with participation…
23andMe says hackers accessed ‘significant number’ of files about users’ ancestry
Genetic testing company 23andMe announced on Friday that hackers accessed around 14,000 customer accounts in the company’s recent data breach. In a new filing with the U.S. Securities and Exchange Commission published Friday, the company said that, based on its…
Apple releases security updates for iOS, iPadOS and macOS, fixing two actively exploited zero-days
Apple has released security updates for iPhones, iPads and Macs to patch against two vulnerabilities, which the company says are being actively exploited to hack people. The technology giant rolled out new software updates, iOS and iPadOS 17.1.2, and macOS…