Crooks Steal Phone, SMS Records for Nearly All AT&T Customers

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed). Continue reading Crooks Steal Phone, SMS Records for Nearly All AT&T Customers

You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Google said this week it is expanding the types of data people can ask to have removed from search results, to include personal contact information like your phone number, email address or physical address. The move comes just months after Google rolled out a new policy enabling people under the age of 18 (or a parent/guardian) to request removal of their images from Google search results. Continue reading You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Continue reading Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

‘War Dialing’ Tool Exposes Zoom’s Password Problems

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number major corporations are setting up meetings without passwords enabled. Continue reading ‘War Dialing’ Tool Exposes Zoom’s Password Problems

Nvidia acquires data storage and management platform SwiftStack

Nvidia today announced that it has acquired SwiftStack, a software-centric data storage and management platform that supports public cloud, on-premises and edge deployments. The company’s recent launches focused on improving its support for AI, high-performance computing and accelerated computing workloads, which is surely what Nvidia is most interested in here. “Building AI supercomputers is exciting […] Continue reading Nvidia acquires data storage and management platform SwiftStack

Apple Explains Mysterious iPhone 11 Location Requests

KrebsOnSecurity ran a story this week that puzzled over Apple’s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system… Continue reading Apple Explains Mysterious iPhone 11 Location Requests

Avast, NordVPN Breaches Tied to Phantom User Accounts

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password. Continue reading Avast, NordVPN Breaches Tied to Phantom User Accounts

New Facebook Privacy Controls, Apple iOS Patching Mistake, MoviePass Data Breach

You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technology…with your host, Tom Eston. In episode 83 for August 26th 2019: Facebook announces new off-Facebook activity privacy controls, how A… Continue reading New Facebook Privacy Controls, Apple iOS Patching Mistake, MoviePass Data Breach

Box CEO Aaron Levie is coming to TC Sessions: Enterprise

Box co-founder, chairman and CEO Aaron Levie took his company from a consumer-oriented online storage service to a publicly-traded enterprise powerhouse. Launched in 2005, Box today has over 41 million users and the vast majority of Fortune 500 companies use its service. Levie will join us at TC Sessions: Enterprise for a fireside chat about […] Continue reading Box CEO Aaron Levie is coming to TC Sessions: Enterprise

India’s Locus raises $22 million to expand its logistics management business

Locus, an Indian startup that uses AI to help businesses map out their logistics, has raised $22 million in Series B funding to expand its operations in international markets. The financing round for the four-year-old startup was led by Falcon Edge Capital and Tiger Global Management . Existing investors Exfinity Venture Partners and Blume Ventures […] Continue reading India’s Locus raises $22 million to expand its logistics management business