Why Groupon refused to pay a security researcher who discovered serious XSS bugs

Groupon Security

It's very common these days for tech companies Google and Microsoft to offer hackers and security researchers big bucks if they're able to find security vulnerabilities that could pose serious threats to important software and services. Google in particular often hosts its own hacking competition where the search giant puts millions of dollars on the line for anyone savvy enough to skirt around Google's built-in security schemes.

Recently, one security researcher found a number of high-level vulnerabilities on Groupon's website. Groupon promptly patched the security holes but, as it turns out, is refusing to pay him.

Here's why.

Continue reading...

How to use free public Wi-Fi without hackers stealing your data

Public WiFi Safety Guide

Free public Wi-Fi hotspots are terrific. They offer users quick and reliable Internet connections where cellular reception is spotty. And even in areas with strong cellular signals, users can connect their phones, tablets and laptops to public Wi-Fi hotspots in order to conserve data on their mobile plans and steer clear of those pesky data caps.

Of course, there is one problem with public Wi-Fi networks, and it's a big one: They're completely open, which means any data you send or receive while connected to these networks is vulnerable and can easily be stolen by hackers.

Continue reading...

This smartphone is extra-secure and stronger than steel

The Turing Phone

How do you stand out if you're a fledgling smartphone maker that can't compete on specs alone? If you're Turing Robotic Industries (formerly QSAlpha), you pour your energy into clever design -- both inside and out. The newly unveiled Turing Phone keeps up the company's emphasis on security, with its own server-free encrypted communication between owners and a fingerprint reader that encourages you to lock down your device. There's also an Apple-like magnetic charging system, so you won't send your phone flying. However, the real star of the show is the frame. It's built from "liquidmorphium," a metal alloy that's reportedly stronger than steel or titanium. While there's also aluminum, ceramic and plastic on the body, that exotic structure should reduce the chances that you'll wreck your handset through a nasty drop. %Gallery-slideshow282051%

Filed under: ,


Source: Turing Robotic Industries

Scary Galaxy S5 scanner flaw will let hackers copy your fingerprints

Samsung Galaxy S5 Fingerprint Scanner Hack

Well, let's hope you never used the Galaxy S5's fingerprint scanner. Forbes reports that researchers from security firm FireEye have found a scary flaw in the Galaxy S5's fingerprint scanner that could let hackers copy your fingerprints and use them for nefarious purposes.

Continue reading...

Researchers find another terrifying iOS flaw

Boy shouting at smart phone

It can't have escaped your attention that security experts have declared open season on Apple products over the last few weeks. At San Francisco's RSA conference, an even more terrifying exploit has been revealed that has the power to send your iPhone or iPad into a perpetual restart loop. Mobile security firm Skycure has discovered that iOS 8 has an innate vulnerability to SSL certificates that, when combined with another WiFi exploit, gives malicious types the ability to create "no iOS zones" that can render your smartphones and tablets unusable. Before you read on, grab a roll of tinfoil and start making a new case for your iPhone.

Filed under: , , , ,


Via: The Register, Gizmodo

Source: Skycure

Blackberry wants to lock down security for the Internet of Things

CeBIT 2015 Technology Trade Fair

Say what you will about BlackBerry's current state of affairs, but in its heyday it was workplace no-brainer because of its then-unparalleled security systems. Well, the Canadian company has plans to make that work in its favor with an encryption certificate based on subsidiary Certicom's elliptic-curved cryptography. As Reuters reports, this could secure numerous devices ranging from connected car systems to smart meters -- ease of security and authentication are the name of the game here. In fact, the outfit's already netted some support from across the pond with a contract that'll cover some 104 million household energy management gizmos and smart meters in Britain. BlackBerry also wants to beef up its research and development that could improve on computer data security. So in case you were wondering what the company formerly known as Research in Motion's been up to, now you know.

[Image credit: Getty Images]

Filed under: , , , ,


Source: Reuters

DO THIS NOW: Set up all your passwords the Snowden way

Snowden Password Tips: Pass-Phrases

A few weeks ago, Last Week Tonight’s John Oliver travelled all the way to Russia to interview Edward Snowden. Snowden, of course is responsible for numerous leaks that revealed the advanced surveillance operations intelligence agencies are capable of nowadays. The interview was particularly enjoyable thanks ti the fact that Oliver’s team was able to present serious matters in very entertaining ways. One of the gems in that episode is related to password security, PopularMechanics points out, with Snowden revealing one key tip that you absolutely should consider when setting up online passwords.

Continue reading...

1,500 iPhone apps have a serious flaw that hackers can easily exploit

iPhone iOS App Encryption Security Issue

While security companies usually detail vulnerabilities in Android that hackers can use for malicious purposes, analytics service SourceDNA uncovered an encryption flaw that may affect as many as 1,500 applications, Ars Technica reports. Among them, you’ll find some popular titles, including Citrix OpenVoice Audio Conferencing, the Alibaba.com mobile app, Movies by Flixster with Rotten Tomatoes, KYBankAgent 3.0, and Revo Restaurant Point of Sale.

Continue reading...

Manhattan DA makes the most over-the-top claim about iPhone encryption we’ve heard yet

iPhone Encryption Manhattan District Attorney

We've heard a lot of hysterical claims from law enforcement officials about all the awful things that will happen if Apple and Google encrypt their mobile operating systems, but this new piece of hyperbole from Manhattan's district attorney may take the cake.

Continue reading...

Verizon says the security threats to your phone are ‘overblown’

Motorola Droid Turbo

It may seem like mobile viruses are everywhere, but Verizon would beg to differ. The carrier has issued a report on data breaches which finds that the security threats to your phone are generally "overblown." The total number of security holes that have been used for exploits, regardless of platform, is "negligible" -- whatever device you use, you probably aren't at risk as long as you use common sense.

Filed under: , , ,


Source: Verizon Enterprise