Sophos – Page 125 – PossibleThreat Articles

Google’s Super Bowl ad will make you cry. Or wince.

February 4, 2020 0 Comments ads, advertising, adverts, Google, Google Assistant, loretta, Marketing, Privacy, super bowl, Tracking

Credit to Author: Lisa Vaas| Date: Tue, 04 Feb 2020 10:44:29 +0000

Google’s Super Bowl ad featured an elderly man’s voice as he asked Google Assistant to help him remember details about his late wife.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/a63Ljbmk14I” height=”1″ width=”1″ alt=””/>

Security Sophos

Apple proposes simple security upgrade for SMS 2FA codes

February 3, 2020 0 Comments 2-factor Authentication, 2fa, Apple, Google, Microsoft, mozilla firefox, Safari, security threats, sms phishing

Credit to Author: John E Dunn| Date: Mon, 03 Feb 2020 12:54:31 +0000

Apple thinks it’s come up with a simple way to make SMS two-factor authentication (2FA) one-time codes less susceptible to phishing attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/EmuD8lIFjiU” height=”1″ width=”1″ alt=””/>

Security Sophos

FTC warns VoIP providers that help robocallers: we can and will sue

February 3, 2020 0 Comments caller id, crackdown, do not call registry, Federal Trade Commission, fraud, FTC, Law & order, robocallers, robocalls, scammers, security threats, service providers, spoofing, voip

Credit to Author: Lisa Vaas| Date: Mon, 03 Feb 2020 12:21:32 +0000

It put 19 internet-calling companies on notice that helping illegal robocalls is illegal. It has sued before, and it can do it again.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/WgDkr2jGNg4″ height=”1″ width=”1″ alt=””/>

Security Sophos

Fraudsters posed as art dealer, bilked museum for millions

February 3, 2020 0 Comments art, BEC, BEC scams, email spoofing, fraud, john constable, Law & order, painting, rijksmuseum twenthe, simon c. dickinson ltd., spoofed email

Credit to Author: Lisa Vaas| Date: Mon, 03 Feb 2020 11:26:24 +0000

Scammers got away with a $3.1m BEC heist, art dealer and museum blame each other, and ownership of a valuable landscape is up in the air.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/vWiUkpnODiM” height=”1″ width=”1″ alt=””/>

Security Sophos

Google launches open-source security key project, OpenSK

February 3, 2020 0 Comments ble, Cryptography, data loss, dongle, fido, fido u2f, FIDO2, Google, nfc, nordic, opensk, security key, usb, WebAuthn, Yubikey

Credit to Author: Danny Bradbury| Date: Mon, 03 Feb 2020 11:02:06 +0000

OpenSK is a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ku-9LnVkKCo” height=”1″ width=”1″ alt=””/>

Security Sophos

Serious Security – How ‘special case’ code blew a hole in OpenSMTPD

January 31, 2020 0 Comments eop, Exploit, openbsd, opensmtpd, Patch, rce, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 31 Jan 2020 17:49:43 +0000

Patch now before you receive a message that’s more than just bad news!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/4YZhTzLrMmk” height=”1″ width=”1″ alt=””/>

Security Sophos

UN hacked via unpatched SharePoint server

January 31, 2020 0 Comments cve-2019-0604, data loss, exposed data, GDPR, GDPR compliance, hacked servers, Privacy, security threats, sharepoint, the new humanitarian, un, un secretary-general, vulnerability

Credit to Author: Danny Bradbury| Date: Fri, 31 Jan 2020 13:04:44 +0000

UN staffers: the “entire domain” was probably compromised by an attacker who was lurking on the UN’s networks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/RonIAIVbyIQ” height=”1″ width=”1″ alt=””/>

Security Sophos

US Interior Dept extends drone grounding over foreign hacking fears

January 31, 2020 0 Comments china, drones, security threats, uas

Credit to Author: John E Dunn| Date: Fri, 31 Jan 2020 12:39:23 +0000

The DOI has doubled down on a previous order, keeping the agency’s drones grounded for another 30 days for a more in-depth security review.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/WAwnXRjPMI8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Financial tech firms disagree on ban of customer data screen-scraping

January 31, 2020 0 Comments apis, australia, ban, consumer data right, data aggregation, data loss, financial industry, financial technology, fintech, Law & order, lisa schutz, open banking, Privacy, privacy act, screen scraping, security threats, verifier

Credit to Author: Lisa Vaas| Date: Fri, 31 Jan 2020 12:05:49 +0000

They use it to offer things like budgeting apps. It puts passwords and privacy at risk, but some say they can’t afford to build APIs instead.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/p33_Z7ZunMU” height=”1″ width=”1″ alt=””/>

Security Sophos

Facebook to pay $550m to settle face-tagging suit

January 31, 2020 0 Comments biometrics, BIPA, face recognition, facebook, faceprints, facial recognition, Illinois, illinois biometric information privacy act, Law & order, lawsuit, photo tagging, photos, Privacy, Social networks, tag suggestions, tagging

Credit to Author: Lisa Vaas| Date: Fri, 31 Jan 2020 10:14:22 +0000

A class-action lawsuit against Facebook for the use of its tag suggestions feature looks like it’s finally done churning through the courts.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/-vpu7yQz3I0″ height=”1″ width=”1″ alt=””/>