Author: Zack Whittaker

A Twitter employee groomed by the Saudi government prompted 2015 state-sponsored hacking warning

TECHCRUNCH An explosive report in The New York Times this weekend sheds new light on the apparent targeting of Twitter accounts by “state-sponsored actors” three years ago. It comes in the wake of the confirmed death of Washington Post journalist Jamal Khashoggi on Friday, two weeks after he disappeared in the Saudi consulate in Istanbul. Khashoggi had long been a target of a Saudi troll army, according to the report, which employed hundreds of people to stifle the speech of government critics, like Khashoggi, who left the kingdom to live and work in the United States. But the troll...

Read More

Hackers breach Healthcare.gov system, taking files on 75,000 people

TECHCRUNCH A government system used by insurance agents and brokers to help customers sign up for healthcare plans was breached, allowing hackers to siphon off sensitive and personal data on 75,000 people. The Centers for Medicare and Medicaid Services confirmed the breach in a late Friday announcement, but revealed few details about the contents of the files stolen. The hacked system was connected to the Healthcare.gov website, the front-facing portal for anyone signing up for an insurance plan under former President Obama’s healthcare law, the Affordable Care Act. Hackers targeted the behind-the-scenes system that insurance agents used to help customers...

Read More

Smart home makers hoard your data, but won’t say if the police come for it

TECHCRUNCH A decade ago, it was almost inconceivable that nearly every household item could be hooked up to the internet. These days, it’s near impossible to avoid a non-smart home gadget, and they’re vacuuming up a ton of new data that we’d never normally think about. Thermostats know the temperature of your house, and smart cameras and sensors know when someone’s walking around your home. Smart assistants know what you’re asking for, and smart doorbells know who’s coming and going. And thanks to the cloud, that data is available to you from anywhere – you can check in on...

Read More

Buggy software in popular connected storage drives can let hackers read private data

TECHCRUNCH Security researchers have found flaws in four popular connected storage drives that they say could let hackers access a user’s private and sensitive data. The researchers Paulos Yibelo and Daniel Eshetu said the software running on three of the devices they tested — NetGear Stora, Seagate Home, and Medion LifeCloud — can allow an attacker to remotely read, change and delete data without requiring a password. Yibelo, who shared the research with TechCrunch this week and posted the findings Friday, said that many other devices may be at risk. The software, Hipserv, built by tech company Axentra, was largely to...

Read More

MIT researchers say memory splitting breakthrough could prevent another Meltdown or Spectre

TECHCRUNCH Virtually every modern computer processor was thrown under the bus earlier this year when researchers found a fundamental design weakness in Intel, AMD and ARM chips, making it possible to steal sensitive data from the computer’s memory. The Meltdown and Spectre vulnerabilities — which date back to 1995 — punched holes in the walls that keeps apps from accessing other parts of the system’s memory that it doesn’t have permission to read. That meant a skilled attacker could figure out where sensitive data was stored, like passwords and encryption keys. While the companies mitigated some of the flaws,...

Read More

Tumblr says it’s fixed a security bug, but says ‘no evidence’ any user data was exposed

TECHCRUNCH Tumblr has disclosed a security vulnerability on its site that in some cases could have exposed account information. The bug was found in the part of the site that recommends other Tumblr blogs to users, according to a blog post. The blogging site said the “recommended blogs” module — only visible to logged-in users — could have exposed some account information associated with the blog. Tumblr didn’t disclose much about how the bug worked, but said that a blog owner’s email address, scrambled password (both hashed and salted) and their self-reported location, as well as previously used email...

Read More

How to download your data from Apple

TECHCRUNCH Good news! Apple now allows U.S. customers to download a copy of their data, months after rolling out the feature to EU customers. But don’t be disappointed when you get your download and find there’s almost nothing in there. Earlier this year when I requested my own data (before the portal feature rolled out), Apple sent me a dozen spreadsheets with my purchase and order history, a few iCloud logs, and some of my account information. The data will date back to when you opened your account, but may not include recent data if Apple has no reason to...

Read More

Apple overhauls its privacy pages, and now lets U.S. customers download their own data

TECHCRUNCH Apple has refreshed and expanded its privacy website, a month after its most recent iPhone and Mac launches. You’re not going to see much change from previous years — the privacy pages still state the same commitments that Apple’s long held, like that privacy is a “fundamental human right” and that your information is largely on your iPhones, iPads and Macs. And, now with a bevy of new security and privacy features in iOS 12 and macOS Mojave, the pages are updated to include new information about end-to-end encrypted group FaceTime video calls and improvements to intelligence tracking...

Read More

Right Now in Politics and Business