720-891-1663

Security News Update for Week Ending July 19, 2024

AT&T is First Company To Evade SEC’s 4 Day Breach Disclosure No, they are not badasses, they asked for permission. The SEC rules that went into effect last year have a carve out from the disclosure rule – actually it is not an exception, just a delay. It is not clear who asked whom, but […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Mobile Malware Defeats Biometrics

Security or convenience, pick one. Background: there is a difference between IDENTIFICATION and AUTHENTICATION. Identification is the equivalent of a userid. Userids are not secret. Authentication is the equivalent of a password. Passwords are secret. Many systems use biometrics like a face scan to BOTH identify a user and authenticate that it is really that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending August 13, 2021

Android Trojan Hits 140 Countries, 10,000 Victims Via Social Media Hijack Security company Zimperium says they have found a new trojan they call Flytrap that has been around since March and compromises users’ phones who side load apps from third party app stores. Once the malicious app is on the user’s phone, it uses that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Phone Apps Collect User Data Even If You Deny Permissions

All smartphones are data collection machines; hopefully everyone understands that.  There are an amazing number of sensors on the device and many apps just ask for everything.  If the user grants that, then the app can harvest all that data and likely sell it, either individually or in the aggregate. Researchers took a tiny sample […]

Continue reading → [DISPLAY_ACURAX_ICONS]