IBM has discovered a security flaw that can leave file storage accounts of mobile users open to hackers. The IBM researchers identified sloppy coding in Dropbox’s SDK Version 1.5.4 for Android that caused the vulnerability.
76% of the applications that link to Dropbox accounts using the Dropbox SDK are vulnerable, including other password managers. Keeper does not rely on any 3rd party storage providers and is not vulnerable to this flaw.
Read more here
During a Cybersecurity panel discussion on Tuesday with members of Homeland Security, the theme was not “if you get hacked”, it’s “when you get hacked.” Companies need to start thinking this way, no one is immune to cyber attacks and it’s critical to have cybersecurity prevention tools in place and a plan for when it happens. While most cybercrime issues are preventable, cybercrime affects everyone.
Read more here: http://www.bizjournals.com/boston/blog/techflash/2015/03/homeland-security-official-your-company-might-get.html
Google’s expert team of hackers at Project Zero have discovered a serious flaw in modern DRAM devices. The flaw encourages computer vendors to cough up more information about hardware flaws, and is exploitable on x86 laptops. Google is encouraging vendors to release information about affected devices so that researchers and further evaluate the rowhammer problem.
Read more here: http://www.zdnet.com/article/rowhammer-dram-flaw-could-be-widespread-says-google/
Apple’s latest iOS release includes a fix for the FREAK exploit, which allows hackers to attack encrypted networks, including Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections. Most iPhones and iPads were affected by the bug.
Read more here: http://www.zdnet.com/article/apple-fixes-freak-security-flaw-with-ios-8-2-update/
Here are the top 5 stories from MWC 2015 Day 3:
- Pebble followed up their smartwatch announcement with a Time Steel model with a metal body. The watch will have 10 days of battery life, and run for $299
- Leia is bringing 3D holograms to mobile devices
- Flir One showcased a smartphone dongle with thermal imaging
- Sony’s SmartEyeglass apps were displayed for it’s SmartEyeglass wearable
- Acer debuted a Fitness tracker with the Liquid Leap+
Yesterday, cryptographers discovered a security flaw dating back to the 90’s, that affects OS X, iOS, and Android users on over 64,000 websites. The FREAK exploit allows hackers to force a lower-grade of encryption, so that affected sites (with your personal information) can be cracked within a few hours.
Visit freakattack.com for more info, or click here to see the list of affected sites.
Keeper is not vulnerable to the RSA FREAK vulnerability.
Here are our top 5 developments from Day 2 at MWC 2015:
- Fujitsu showed off a prototype smartphone that uses an infrared camera to scan your irises for your password
- Qualcomm announced ultrasonic 3D fingerprint authentication
- Intel revealed three new mobile chips, the Atom x3, x5, and x7
- BlackBerry showed their new Leap smartphone, a $275 device that claims to have a battery that lasts 25 hours with heavy use
- Silent Circle announced their second-edition Blackphone secure smartphone.
Check back tomorrow for Day 3 updates!
Our team has made it safely on the ground in Barcelona to discover and share the latest technology in the mobile industry.
Here are the top #MWC15 day 1 highlights:
- Huawei announced its Android Wear-powered device, the Huawei Watch. It will have a sapphire glass screen, 6-axis motion sensor and a heart rate monitor
- Mozilla will be launching new Firefox OS phones, planned to launch in 2016
- The HTC One M9 was announced – it will come with a higher quality camera that allows better-quality selfies even when taken indoors
- Samsung revealed the Galaxy S6 and Galaxy S6 Edge, as well as “Samsung Pay”
Check back tomorrow for Day 2 highlights!
Uber is now revealing that their database of over 50,000 drivers was hacked back in May, and they have subpoenaed GitHub to hand over IP addresses of the suspects.
The lawsuit reads, “On or around May 12, 2014, from an IP address not associated with an Uber employee and otherwise unknown to Uber, John Doe used the unique security key to download Uber database files containing confidential and proprietary information from Uber’s protected computers.”
Read more here.
Lenovo’s website was hacked yesterday.
Just a week after it was announced that Lenovo was installing “Superfish” adware on its factory-fresh laptops, the Lizard Squad has hacked the Lenovo.com website and turned it into a slideshow of webcam images set to pop music. This is the same group that took down the Playstation Network and Xbox Live on Christmas Day, and also took down Google Vietnam earlier this week.
Read the rest of the story on Mashable.