Equifax chairman and CEO Richard Smith stepped down Tuesday, just weeks after the company disclosed a massive data breach that exposed more than 143 million U.S. individuals. Paulino do Rego Barros, Jr., who most recently served as President, Asia Pacific, and is a seven-year veteran of the company, has been appointed as interim Chief Executive Officer. The…

Google Project Zero has disclosed the details of two critical remote code execution vulnerabilities affecting the Broadcom Wi-Fi chips found in many Android and iOS devices. The flaws, identified as CVE-2017-11120 and CVE-2017-11121, were patched in Android on September 5 with this month’s security updates and in iOS on September 19 with the release of…

Americans believe criminal hacking into computer systems is now a top risk to their health, safety and prosperity. Criminal hacking, a new ESET survey finds, outranks other significant hazards, including climate change, nuclear power, hazardous waste, and government surveillance. The survey was conducted by ESET security researchers, and asked randomly selected adults to rate their…

Many people in the security industry today grew up watching “Star Trek,” from the original episodes to Next Generation, Deep Space Nine, Voyager, Enterprise and the many other series that followed. In anticipation of the upcoming “Star Trek: Discovery” series, we thought it would be a good time to remind our readers that, beyond the…

Login credentials and other sensitive data from more than a half million vehicle tracking devices, which continually pinpoint vehicles’ locations, were left unprotected online. The exposed records belonging to SVR Tracking, headquartered in San Diego, were discovered by Kromtech security researchers. Thanks to a misconfigured Amazon AWS S3 bucket, 540,642 account IDs which included logins…

An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid. The latest phishing sites employ realistic web pages that are…

Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. Equifax staff advised breach victims on Twitter at least 8 times to access securityequifax2017.com instead of equifaxsecurity2017.com, the website created by the credit reporting agency…

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple permission error or server…

Apple this week announced the availability of 8 security patches for its iPhone 5s and later, iPad Air and later, and iPod touch 6th generation users, released as part of the iOS 11 platform upgrade. The bugs affect 7 platform components, namely Exchange ActiveSync, iBooks, Mail MessageUI, Messages, MobileBackup, Safari, and WebKit. Exploitation of these…