Author: Zack Whittaker

US intelligence community says quantum computing and artificial intelligence pose an ’emerging threat’ to national security

TECHCRUNCH It’s not often you can put nuclear weapons, terrorism and climate change on the same list as quantum computing, artificial intelligence and the Internet of Things, but the U.S. government believes all pose an “emerging threat” to its national security. Several key agencies in the U.S. intelligence community were asked what they saw as long-term threats faced by the country in the next decade and beyond, and the future of “dual-use technologies” took center stage. Agnostic technologies like encryption, autonomous and unmanned systems, AI and quantum computing rank at the top of the agencies’ “worry list” for fears that...

Read More

A popular ‘boomoji’ app exposed millions of users’ contact lists and location data

TECHCRUNCH Popular animated avatar creator app Boomoji, with more than five million users across the world, exposed the personal data of its entire user base after it failed to put passwords on two of its internet-facing databases. The China-based app developer left the ElasticSearch databases online without passwords — a U.S.-based database for its international customers; and a Hong Kong-based database containing mostly Chinese users’ data in an effort to comply with China’s data security laws, which requires Chinese citizens’ data to be located on servers inside the country. Anyone who knew where to look could access, edit or delete...

Read More

Twitter says governments are ramping up their demands for user data

TECHCRUNCH Twitter says the number of government demands for data on its users has shot up in the past year. In its latest transparency report out Thursday, the social media giant said it received 10 percent more requests between January and June than on its previous reporting period — the largest percentage increase in three years. According to the newly released data, Twitter received 6,904 government requests for information on 16,882 accounts. Twitter turned over at least some data in 56 percent of cases. The U.S. took the lead with 2,231 requests for information on 9,226 accounts — representing...

Read More

A bug in Microsoft’s login system made it easy to hijack anyone’s Office account

TECHCRUNCH A string of bugs when chained together created the perfect attack to gain access to someone’s Microsoft account — simply by tricking a user into clicking a link. Sahad Nk, an India-based bug hunter, discovered that a Microsoft subdomain, “success.office.com,” had not been properly configured, allowing him to take it over. He used a CNAME record, a canonical record used to link one domain to another, to point the unconfigured subdomain to his own Azure instance. In doing so, he controlled the subdomain — and any data sent to it, he said in a write-up, shared with TechCrunch...

Read More

Equifax breach was ‘entirely preventable’ had it used basic security measures, says House report

TECHCRUNCH A House Oversight Committee report out Monday has concluded that Equifax’s security practices and policies were sub-par and its systems were old and out-of-date, and bothering with basic security measures — like patching vulnerable systems — could’ve prevented its massive data breach last year. It comes a little over a year after Equifax, one of the world’s largest credit rating agencies, confirmed its systems had fallen to hackers. Some 143 million consumers around the world were affected — most of which were in the U.S., but also Canada and the U.K. — with that figure later rising to...

Read More

US tech giants decry Australia’s ‘deeply flawed’ new anti-encryption law

TECHCRUNCH A group of U.S. tech giants, including Apple, Google and Microsoft, have collectively denounced the new so-called “anti-encryption” law passed by the Australian parliament last week. The bill was passed less than a day after the ruling coalition government secured the votes from opposition Labor lawmakers, despite strong objection from tech companies and telcos. “The new Australian law is deeply flawed, overly broad, and lacking in adequate independent oversight over the new authorities,” said the Reform Government Surveillance coalition in a statement. The tech companies added that the law would “undermine the cybersecurity, human rights, or the right...

Read More

Australia rushes its ‘dangerous’ anti-encryption bill into parliament, despite massive opposition

TECHCRUNCH Australia’s controversial anti-encryption bill is one step closer to becoming law, after the two leading but sparring party political giants struck a deal to pass the legislation. The bill, in short, grants Australian police greater powers to issue “technical notices” — a nice way of forcing companies — even websites — operating in Australia to help the government hack, implant malware, undermine encryption or insert backdoors at the behest of the government. If companies refuse, they could face financial penalties. Lawmakers say that the law is only meant to target serious criminals — sex offenders, terrorists, homicide and...

Read More

Credit card stealing malware on Canada’s 1-800-FLOWERS website went undetected for four years

TECHCRUNCH It’s going to take more than a bunch of posies to make up for this one. The Canadian branch of 1-800-FLOWERS revealed in a filing with the California attorney general’s office that malware on its website had siphoned off customers’ credit cards over a four-year period. Four years. Let that sink in. The company said it believes the malware was scraping credit cards between August 15, 2014 to September 15, 2018, but that the company’s main 1-800-FLOWERS.com website was unaffected. “Findings from the investigation suggest that the information collected included your first and last name, payment card number,...

Read More

Right Now in Politics and Business