Article Trunk



Posts Tagged ‘password’

Jewish dating app JCrush exposed user data and private messages

A security lapse at JCrush, a dating app designed for the Jewish community, left a databases open without a password, exposing sensitive user records and private messages to anyone who knew where to look. The site’s backend database had around around 200,000 user records, according to security researchers Noam Rotem and Ran Loca, who shared ...

Password manager Dashlane raises $110M in Series D, adds CMO

Password manager maker Dashlane has raised $110 million in its latest round of funding, the company said Thursday. The company said Sequoia Capital led the Series D round, with partner Jim Goetz joining the board. Dashlane also said Lyft executive Joy Howard was appointed as its new chief marketing officer and will start in August. ...

Flipboard hacks prompt password resets for millions of users

Social sharing site and news aggregator Flipboard has reset millions of user passwords after hackers gained access to its systems several times over a nine-month period The company confirmed in a notice Tuesday that the hacks took place between June 2, 2018 and March 23, 2019 and a second time on April 21-22, 2019, but ...

Spotify resets some account passwords citing ‘suspicious activity’

Music streaming giant Spotify has notified an unspecified number of users that the company has reset their account password, but has left dozens of users asking why. In an email, some Spotify users were told their password was reset “due to detected suspicious activity,” but gave no further details. Anyone else getting emails from Spotify ...

Google says some G Suite user passwords were stored in plaintext since 2005

Google says a small number of its enterprise customers mistakenly had their passwords stored on its systems in plaintext. The search giant disclosed the exposure Tuesday but declined to say exactly how many enterprise customers were affected. “We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our ...

Google’s own data proves two-factor is the best defense against most account hacks

Every once in a while someone will ask me what is the best security advice. The long answer is “it depends on your threat model,” which is just a fancy way of saying what’s good security advice for the vast majority isn’t necessarily what nuclear scientists and government spies require. My short answer is, “turn ...

Identity platform Auth0 raises $103M, pushing its valuation over $1B

Auth0, a 2013-founded identity and authentication platform, has pushed into unicorn territory with a $1 billion valuation after raising $103 million in its latest Series E round. The round was led by Sapphire Ventures, with participation from K9 Ventures, Telstra Ventures and several others. In all, Auth0 total funding tops $210 million to date. Auth0 ...

Google recalls its Bluetooth Titan Security Keys because of a security bug

Google today disclosed a security bug in its Bluetooth Titan Security Key that could allow an attacker in close physical proximity to circumvent the security the key is supposed to provide. The company says the bug is due to a “misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols” and that even the faulty keys ...

‘Unhackable’ encrypted flash drive eyeDisk is, as it happens, hackable

In security, nothing is “unhackable.” When it’s claimed, security researchers see nothing more than a challenge. Enter the latest findings from Pen Test Partners, a U.K.-based cybersecurity firm. Their latest project was ripping apart the “unhackable” eyeDisk, an allegedly secure USB flash drive that uses iris recognition to unlock and decrypt the device. In its ...

Samsung spilled SmartThings app source code and secret keys

A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security researcher found. The electronics giant left dozens of internal coding projects on a GitLab instance hosted on a Samsung-owned domain, Vandev Lab. The instance, used by staff ...