The Coming Storm – Page 21 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Tue, 19 Jun 2018 18:03:44 +0000

In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, the four major wireless carriers have responded to requests from a U.S. senator for more details about how the carriers are managing access to this extremely sensitive information. While three out of four providers said they had cancelled data sharing agreements with some of the offending companies, only one — Verizon — pledged to terminate all of them and initiate a wholesale review of their location data-sharing practices.

Independent Krebs

June 13, 2018 admin

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Credit to Author: BrianKrebs| Date: Wed, 13 Jun 2018 20:14:40 +0000

In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. The 49-year-old librarian from a tiny town in Vermont took Equifax to court. And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach.

Independent Krebs

May 28, 2018 admin

FBI: Kindly Reboot Your Router Now, Please

Credit to Author: BrianKrebs| Date: Mon, 28 May 2018 18:54:22 +0000

The Federal Bureau of Investigation (FBI) is warning that a new malware threat has rapidly infected more than a half-million consumer devices. To help arrest the spread of the malware, the FBI and security firms are urging home Internet users to reboot routers and network-attached storage devices made by a range of technology manufacturers.

Independent Krebs

May 26, 2018 admin

Why Is Your Location Data No Longer Private?

Credit to Author: BrianKrebs| Date: Sat, 26 May 2018 16:18:48 +0000

The past month has seen one blockbuster revelation after another about how our mobile phone and broadband providers have been leaking highly sensitive customer information, including real-time location data and customer account details. In the wake of these consumer privacy debacles, many are left wondering who’s responsible for policing these industries? How exactly did we get to this point? What prospects are there for changes to address this national privacy crisis at the legislative and regulatory levels? These are some of the questions we’ll explore in this article.

Independent Krebs

May 22, 2018 admin

Mobile Giants: Please Don’t Share the Where

Credit to Author: BrianKrebs| Date: Tue, 22 May 2018 16:05:50 +0000

Your mobile phone is giving away your approximate location all day long. This isn’t exactly a secret: It has to share this data with your mobile provider constantly to provide better call quality and to route any emergency 911 calls straight to your location. But now, the major mobile providers in the United States — AT&T, Sprint, T-Mobile and Verizon — are selling this location information to third party companies — in real time — without your consent or a court order, and with apparently zero accountability for how this data will be used, stored, shared or protected. It may be tough to put a price on one’s location privacy, but here’s something of which you can be sure: The mobile carriers are selling data about where you are at any time, without your consent, to third-parties for probably far less than you might be willing to pay to secure it.

Independent Krebs

May 18, 2018 admin

T-Mobile Employee Made Unauthorized ‘SIM Swap’ to Steal Instagram Account

Credit to Author: BrianKrebs| Date: Fri, 18 May 2018 18:35:24 +0000

T-Mobile is investigating a retail store employee who allegedly made unauthorized changes to a subscriber’s account in an elaborate scheme to steal the customer’s three-letter Instagram username. The modifications, which could have let the rogue employee empty bank accounts associated with the targeted T-Mobile subscriber, were made even though the victim customer already had taken steps recommended by the mobile carrier to help minimize the risks of account takeover. Here’s what happened, and some tips on how you can protect yourself from a similar fate.

Independent Krebs

May 17, 2018 admin

Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

Credit to Author: BrianKrebs| Date: Thu, 17 May 2018 18:29:18 +0000

LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.

Independent Krebs

April 27, 2018 admin

Security Trade-Offs in the New EU Privacy Law

Credit to Author: BrianKrebs| Date: Fri, 27 Apr 2018 17:27:40 +0000

On two occasions this past year I’ve published stories here warning about the prospect that new European privacy regulations could result in more spams and scams ending up in your inbox. This post explains in a question and answer format some of the reasoning that went into that prediction, and responds to many of the criticisms leveled against it.