My Apple News app recently served up some targeted marketing that really hit home. There before me was the opportunity to purchase a limited-edition 11 Herbs & Spices Firelog from KFC and Envirolog, sold through Walmart. Sometimes it’s just plain spooky how these internet algorithms understand us on a deeper level. How did they know I’d been thinkin

Facebook, Samsung and Ring have unveiled new or improved privacy and security tools at the 2020 CES consumer electronics show taking place this week in Las Vegas.Facebook announced a revamped version of Privacy Checkup, a tool launched in 2014 in an effort to make it easier for users to manage the information they share on the social media network.The improv

F5 Networks announced on Thursday that it has agreed to acquire privately held Shape Security for approximately $1 billion in cash.Shape was founded in 2011 by Derek Smith (CEO), Justin Call (VP, R&D), and Sumit Agarwal (COO) and emerged from stealth in 2014.In September 2019, Shape raised a $51 million in Series F growth funding, valuing the company at

Hunting Magecart with URLscan.ioMagecart -- originally the name applied to a single criminal gang but now the umbrella term for a JavaScript-based web skimming attack -- has emerged as a major threat to the security of payment card details. Once the skimmer code has been inserted into the payment function of a website, its operation can be silent and efficie

Google this week announced plans to turn off access to G Suite account data for less secure apps (LSAs), as they represent a potential security risk for users.LSAs are non-Google apps that have been granted access to Google accounts, but which only employ a username and password for login. Thus, they make accounts more vulnerable to hijacking attempts, unlik

Google on Monday announced that it has released the source code of a tool designed to help developers identify vulnerabilities related to file access.The tool, named PathAuditor, has been useful to Google and the company has now decided to release it as open source. The tech giant is still actively working on PathAuditor, but hopes that the community can hel

Cisco Talos this week released a new tool designed to make it easier to create complex applications that have lengthy dependency chains.Called Mussels, the cross-platform, general-purpose dependency build automation tool allows software developers to easily download, build, and assemble app dependencies.The tool’s creator is Micah Snyder, a Cisco Talos resea

Google has shared some data on the adoption of Transport Layer Security (TLS) by Android applications and it seems that significant progress has been made over the past two years.According to Google, 80% of Android apps now encrypt traffic by default and the percentage is even higher in the case of applications designed for the latest versions of the operati

Years ago, I worked on a consulting project for a large financial services company, which had recently invested $20 million into their core offering, a managed services platform for financials that was used by hundreds of customers. We did a Failure Mode Effect Analysis for them, looking at every component making up the major service—every app, every pi

Arizona transportation officials announced enhanced security measures Thursday for a state website that identity thieves exploited to get dozens of duplicate driver's licenses.The Arizona Department of Transportation announced new safeguards after acknowledging to Azfamily.com this week that at least 164 drivers have been the victims of theft.The cases go ba

In the old world, applications generally consisted of a web server, an app server and a database. Traffic went from router to switch to firewall. There was a network perimeter, which was our ingress. That was then, this is now. With the cloud, containers and microservices, we’re navigating an environment that includes clients, proxies, web servers, app

An update that Apple will soon release for iOS 13 and iPadOS should resolve an issue that leads to third-party keyboard apps getting elevated permissions without the user’s approval.In an advisory released on September 24 — first spotted by TechCrunch — Apple informed customers that it’s working on an update that should fix the issue.The company explained th

A threat actor referred to as POISON CARP has targeted senior members of Tibetan groups via WhatsApp for around six months, Citizen Lab reveals.The attacks, carried out between November 2018 and May 2019, employed individually tailored WhatsApp text exchanges, where the attackers were posing as NGO workers, journalists, and other fake personas.Links sent to

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.Cycode provides a platform designed for source code control, detection and response. The solution should help organizations concerned about the exposure of intellectual property (IP) found in source code. While

Windows 7 and Windows Server 2008 will officially reach end-of-support on January 14, 2020, but they will continue to receive security patches past that date, unofficially.Microsoft will still provide support for some customers through Extended Security Updates (ESU), but the majority of systems still running Windows 7 or Windows Server 2008 will no longer r