reader comments 164 with 71 posters participating Share this story Epik has now confirmed that an “unauthorized intrusion” did in fact occur into its systems. The announcement follows last week’s incident of hacktivist collective Anonymous leaking 180 GB of data stolen from online service provider Epik. To mock the company’s initial response to the data… Read More »
reader comments 37 with 25 posters participating, including story author Share this story SushiSwap’s chief technology officer says the company’s MISO platform has been hit by a software supply chain attack. SushiSwap is a community-driven decentralized finance (DeFi) platform that lets users swap, earn, lend, borrow, and leverage cryptocurrency assets all from one place. Launched earlier this year,… Read More »
reader comments 89 with 73 posters participating Share this story New versions of Microsoft Office aren’t as big a deal as they used to be, thanks to the continuously updated (and continuously paid-for) versions of the apps that come with a Microsoft 365 subscription. But for everyone else, there’s still Office 2021, an upgrade to… Read More »
reader comments 345 with 137 posters participating Share this story Hacktivist collective Anonymous claims to have obtained gigabytes of data from Epik, which provides domain name, hosting, and DNS services for a variety of clients. These include the Texas GOP, Gab, Parler, and 8chan, among other right-wing sites. The stolen data has been released as… Read More »
Getty Images reader comments 171 with 101 posters participating Share this story Microsoft has been working to make passwordless sign-in for Windows and Microsoft accounts a reality for years now, and today those efforts come to fruition: The Verge reports that starting today, users can completely remove their passwords from their Microsoft accounts and opt… Read More »
Getty Images reader comments 38 with 32 posters participating Share this story A security flaw in Travis CI potentially exposed the secrets of thousands of open source projects that rely on the hosted continuous integration service. Travis CI is a software-testing solution used by over 900,000 open source projects and 600,000 users. A vulnerability in… Read More »
Aurich Lawson | Getty Images reader comments 44 with 39 posters participating Share this story Apple has released several security updates this week to patch a “FORCEDENTRY” vulnerability on iOS devices. The “zero-click, zero-day” vulnerability has been actively exploited by Pegasus, a spyware app developed by the Israeli company NSO Group, which has been known… Read More »
Enlarge / If you don’t maintain good relationships with bug reporters, you may not get to control the disclosure timeline. reader comments 0 with 0 posters participating Share this story The Washington Post reported earlier today that Apple’s relationship with third-party security researchers could use some additional fine tuning. Specifically, Apple’s “bug bounty” program—a way companies… Read More »
Enlarge / The security of Facebook’s popular messaging app leaves several rather important devils in its details. reader comments 88 with 64 posters participating, including story author Share this story Yesterday, independent newsroom ProPublica published a detailed piece examining the popular WhatsApp messaging platform’s privacy claims. The service famously offers “end-to-end encryption,” which most users interpret… Read More »
Enlarge / ProtonMail offers end-to-end encryption and a stated focus on privacy for its email service—which offers a user interface quite similar to those of more mainstream services such as Gmail. reader comments 102 with 79 posters participating, including story author Share this story This weekend, news broke that security/privacy-focused anonymous email service ProtonMail turned over… Read More »