security

Europe’s rush for a COVID-19 ‘digital pass’ stirs concerns

More details have emerged today about the European Commission’s legislative proposal for a pan-EU ‘digital green pass’ to show verified COVID-19 status. The plan is controversial fro

Jamaica’s Amber Group fixes second JamCOVID security lapse

Amber Group has fixed a second security lapse that exposed private keys and passwords for the government’s JamCOVID app and website. A security researcher told TechCrunch on Sunday that the Ambe

A race to reverse-engineer Clubhouse raises security concerns

As live audio chat app Clubhouse ascends in popularity around the world, concerns about its data practices also grow. The app is currently only available on iOS, so some developers set out in a race t

Palo Alto Networks acquired DevOps security startup Bridgecrew for $156M

Update: after this article was published, Palo Alto Networks confirmed the acquisition for $156 million. Our original story is below. The pandemic and the world’s big shift to doing (even) more

Base Operations raises $2.2 million to modernize physical enterprise security

Typically when we talk about tech and security, the mind naturally jumps to cybersecurity. But equally important, especially for global companies with large, multinational organizations, is physical s

CD Projekt hit by ransomware attack, refuses to pay ransom

Polish video game maker CD Projekt, which makes Cyberpunk 2077 and The Witcher, has confirmed it was hit by a ransomware attack. In a statement posted to its Twitter account, the company said it will

WhatsApp adds biometric authentication to its web and desktop versions

WhatsApp, the Facebook-owned popular messaging app with more than 2 billion users, has been getting a lot of heat and losing users in recent weeks after announcing (and then delaying) changes to how i

ProtonMail, Threema, Tresorit and Tutanota warn EU lawmakers over ‘anti-encryption’ push

Four European apps which secure user data via end-to-end encryption, ProtonMail, Threema, Tresorit and Tutanota, have issued a joint-statement warning over recent moves by EU institutions that they sa

IAC’s Teltech acquired encrypted mobile messaging app Confide

IAC has acquired Confide, the encrypted mobile messaging that once made headlines for its use by White House staffers during the Trump administration. The deal, which closed on Dec. 1, 2020 but was no

Google’s BeyondCorp Enterprise security platform is now generally available

Google today announced that BeyondCorp Enterprise, the zero trust security platform modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondC

Vdoo raises $25M more to develop its AI-based security for IoT and connected devices

It’s estimated that there were some 50 billion connected devices globally in 2020, and while that really says a lot about how far we’ve come in tech, for many it also speaks to a big issue

Ubiquiti says customer data may have been accessed in data breach

Ubiquiti, one of the biggest sellers of networking gear, including routers, webcams and mesh networks, has alerted its customers to a data breach. In a short email to customers on Monday, the tech com

Twitter fined ~$550K over a data breach in Ireland’s first major GDPR decision

Ireland’s Data Protection Commission (DPC) has issued Twitter with a fine of €450,000 (~$547,000) for failing to promptly declare and properly document a data breach under Europe’s Gener

EU Council wants secure encryption and lawful data access

The Council of the European Union, the body which represents individual EU Member States’ governments, has adopted a resolution on encryption — calling for what they dub “security th

On encryption and counter-terrorism, EU lawmakers say they’ll work for ‘lawful’ data access

EU lawmakers have just unveiled a wide-ranging counter-terrorism agenda as they set out plans to beef up regional security. The plan touches on some key tech topics — the most keenly watched of

Researchers say hardcoded passwords in GE medical imaging devices could put patient data at risk

Dozens of medical imaging devices built by General Electric are secured with hardcoded default passwords that can’t be easily changed, but could be exploited to access sensitive patient scans, a

German secure email provider Tutanota forced to monitor an account, after regional court ruling

German e2e encrypted email provider Tutanota has been ordered by a regional court to develop a function that allows it to monitor an individual account. The encrypted email service provider has been f

US Fertility says patient data was stolen in a ransomware attack

U.S. Fertility, one of the largest networks of fertility clinics in the United States, has confirmed it was hit by a ransomware attack and that data was taken. The company was formed in May as a partn

Messaging app Go SMS Pro exposed millions of users’ private photos and files

Go SMS Pro, one of the most popular messaging apps for Android, is exposing photos, videos and other files sent privately by its users. Worse, the app maker has done nothing to fix the bug. Security r

Cryptocurrency exchange Liquid confirms hack

Cryptocurrency exchange Liquid has confirmed it was hacked, but that the scope of the incident is still under investigation. The company’s chief executive Mike Kayamori said in a blog post the a
Load More