“Current and former top executives at SolarWinds are blaming a company intern for a critical lapse in password security that apparently went undiagnosed for years,” reports CNN. The password in question, “solarwinds123,” was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server… It is still…
Tag: password
Jamaica’s JamCOVID Pulled Offline After Third Security Lapse Exposed Travelers’ Data
Jamaica’s JamCOVID app and website were taken offline late on Thursday following a third security lapse, which exposed quarantine orders on more than half a million travelers to the island. From a report: JamCOVID was set up last year to help the government process travelers arriving on the island. Quarantine orders are issued by the Jamaican Ministry of Health and instruct…
Google’s Password Checkup Feature Coming To Android
Android users can now take advantage of the Password Checkup feature that Google first introduced in its Chrome web browser in late 2019, the OS maker announced today. From a report: On Android, the Password Checkup feature is now part of the “Autofill with Google” mechanism, which the OS uses to select text from a cache and fill in forms. The…
Terraria Port To Google Stadia Cancelled After Creator’s Google Account Locked
New submitter Pibroch(CiH) writes: Andrew Spinks, the creator of Terraria and lead developer for Re-Logic, has been trying to find out why his Google account (which encompasses YouTube, Gmail, and many other important services) was suddenly banned and locked with no warning. According to Ars Technica: “Spinks says his entire Google account has been down for three weeks now, and Google…
Firefox 85 Isolated Supercookies, But Dropped Progressive Web App Support
Tech blogger Paul Thurrott writes:
Firefox 85 now protects users against supercookies, which Mozilla says is “a type of tracker that can stay hidden in your browser and track you online, even after you clear cookies. By isolating supercookies, Firefox prevents them from tracking your web browsing from one site to the next.” It also includes small improvements to bookmarks and password…
Chrome OS 88 Turns Your Chromebook Into An Impromptu Smart Display
Google has started rolling out Chrome OS 88. The update includes a couple of enhancements, the most notable of which is a new screen saver you can use to get more functionality out of your computer’s lock screen. Engadget reports: By enabling the feature, your Chromebook will be able to display images from your Google Photos library, including those you’ve organized…
Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes
Stefan Thomas, a German-born programmer living in San Francisco, has two guesses left to figure out a password that is worth, as of this week, about $220 million. From a report: The password will let him unlock a small hard drive, known as an IronKey, which contains the private keys to a digital wallet that holds 7,002 Bitcoin. While the price…
Attackers May Still Be Breaking into US Networks Without SolarWinds, CISA says
On Friday, America’s Cybersecurity and Infrastructure Security Agency revealed that the “threat actor” behind the massive breach of U.S. networks through compromised SolarWinds software also used password guessing and password spraying attacks, according to ZDNet. And they may still be breaching federal networks, reports GCN: “Specifically, we are investigating incidents in which activity indicating abuse of Security Assertion Markup Language (SAML)…
Authorities Don’t Need To Break Phone Encryption in Most Cases, Because Modern Phone Encryption Sort of Sucks.
Matthew Green, a cryptographer and professor at Johns Hopkins University, shares in a series of tweets: My students Max and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption.” This was prompted by a claim from someone knowledgeable, who…
Hackers at Center of Sprawling Spy Campaign Turned SolarWinds’ Dominance Against It
An anonymous reader shares a report: On an earnings call two months ago, SolarWinds Chief Executive Kevin Thompson touted how far the company had gone during his 11 years at the helm. There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told…