Email encryption flaws can expose Apple Mail, Outlook, and Thunderbird messages

Ahead of a full release of details on May 15, European researchers and the EFFare providing an early warning that messages encoded with PGP/GPG and S/MIME are vulnerable to a set of serious security vulnerabilities — an issue impacting over 20 email clients. As there are “currently no reliable fixes for the vulnerability,” the researchers are advising users to … Read more...

Apple faces class action lawsuit over failing MacBook butterfly keyboards

,

Apple’s polarizing butterfly keyboard design is now causing the company some legal issues. A new class action lawsuit has been filed against Apple, alleging that the company knew about the reliability issues of the design before launch, yet released it anyway…

As outlined by AppleInsider, the lawsuit was filed in the Northern District Court of California and includes both

Read more...

Windows critical flaw: This security bug is under attack right now, says Microsoft

,

Microsoft patches two flaws that are already under attack, among the 67 bugs in May’s Patch Tuesday update.

Video: Microsoft’s reverse engineering unveils secrets of FinFisher government spyware

Microsoft’s Patch Tuesday update addresses a critical flaw in the Windows VBScript engine that attackers are using to compromise Windows machines through Internet Explorer.

The patch follows an alarm by researchers at … Read more...

Firefox 60 lands: It’s world’s first browser to give you password-free logins, says Mozilla

Firefox becomes first browser to support the Web Authentication API, taking the world closer to no-password logins.

Video: How Mozilla plans to win back Firefox users.

Mozilla has released Firefox 60 with support for a new option to sign in to websites without using a password.

That’s thanks to an emerging W3C standard called Web Authentication or WebAuthn, which … Read more...

Two-factor authentication hackable

Two-factor authentication may not be the panacea of securing access to online accounts that many believe it is as KnowBe4’s Kevin Mitnick shows how easily this defensive measure can be spoofed.

Mitnick, KnowBe4’s chief hacking officer, has put together a video showing how a phishing email containing a bit of code capable of swiping login information placed into a login … Read more...

Twitter says bug exposed user plaintext passwords

Change your passwords — immediately.

Twitter has admitted that user passwords were briefly stored in plaintext and may have been exposed to the company’s internal tools.

In a blog post, the microblogging site urged users to change their passwords.

“When you set a password for your Twitter account, we use technology that masks it so no one at the company … Read more...

Facebook launches Clear History feature that should have been there all along

Clear History will take a few months to build and input from various parties, but Facebook will allow users to clear their data trail–just like you can with your browsers.

Facebook is launching a feature dubbed Clear History and perhaps the most shocking item is that it wasn’t there before.

Ahead of his talk at the F8 developer conference, CEO Read more...

Over a million vulnerable fiber routers can be easily hacked

Most of the GPON home gateways are found in Mexico, Kazakhstan, and Vietnam.

Over a million fiber routers can be remotely accessed, thanks to an authentication bypass bug that’s easily exploited by modifying the URL in the browser’s address bar.

The bug lets anyone bypass the router’s login page and access pages within — simply by adding “?images/” to the … Read more...

Data protection in the EU

,

Fundamental rights

The EU Charter of Fundamental Rights stipulates that EU citizens have the right to protection of their personal data.

Legislation

The new data protection package adopted in May 2016 aims at making Europe fit for the digital age. More than 90% of Europeans say they want the same data protection rights across the EU … Read more...

Logging in with Facebook may let Javascript trackers steal personal data