The Latest from Zack Whittaker
What3Words sends legal threat to a security researcher for sharing an open-source alternative
A U.K. company behind digital addressing system What3Words has sent a legal threat to a security researcher for offering to share an open-source software project with other researchers, which What3Wor
Click Studios asks customers to stop tweeting about its Passwordstate data breach
Australian security software house Click Studios has told customers not to post emails sent by the company about its data breach, which allowed malicious hackers to push a malicious update to its fla
DigitalOcean says customer billing data accessed in data breach
DigitalOcean has emailed customers warning of a data breach involving customers’ billing data, TechCrunch has learned. The cloud infrastructure giant told customers in an email on Wednesday, obt
A software bug let malware bypass macOS’ security defenses
Apple has spent years reinforcing macOS with new security features to make it tougher for malware to break in. But a newly discovered vulnerability broke through most of macOS’ newer security p
Thoma Bravo buys cybersecurity vendor Proofpoint for $12.3B in cash
More M&A activity is underway in the red-hot field of cybersecurity. In the latest development, private equity giant Thoma Bravo is buying Proofpoint, the SaaS security vendor, for $12.3 billion i
Passwordstate users warned to ‘reset all passwords’ after attackers plant malicious update
Click Studios, the Australian software house that develops the enterprise password manager Passwordstate, has warned customers to reset passwords across their organizations after a cyberattack on the
Proctorio sued for using DMCA to take down a student’s critical tweets
A university student is suing exam proctoring software maker Proctorio to “quash a campaign of harassment” against critics of the company, including an accusation that the company misused
Window Snyder’s new startup Thistle Technologies raises $2.5M seed to secure IoT devices
The Internet of Things has a security problem. The past decade has seen wave after wave of new internet-connected devices, from sensors through to webcams and smart home tech, often manufactured in bu
Running apps still lag behind on privacy and security
Some of the most popular running apps are still lagging behind on security and privacy. That’s the verdict from security researchers who examined the leading running apps five years apart and fo
Geico admits fraudsters stole customers’ driver’s license numbers for months
Geico, the second-largest auto insurer in the U.S., has fixed a security bug that let fraudsters steal customers’ driver’s license numbers from its website. In a data breach notice filed w
Grocery startup Mercato spilled years of data, but didn’t tell its customers
A security lapse at online grocery delivery startup Mercato exposed tens of thousands of customer orders, TechCrunch has learned. A person with knowledge of the incident told TechCrunch that the incid
Gay dating site Manhunt hacked, thousands of accounts stolen
Manhunt, a gay dating app that claims to have 6 million male members, has confirmed it was hit by a data breach in February after a hacker gained access to the company’s accounts database. In a
FBI launches operation to remove backdoors from hacked Microsoft Exchange servers
A court in Houston has authorized an FBI operation to “copy and remove” backdoors from hundreds of Microsoft Exchange email servers in the United States, months after hackers used four pre
Risk startup LogicGate confirms data breach
Risk and compliance startup LogicGate has confirmed a data breach. But unless you’re a customer, you probably didn’t hear about it. An email sent by LogicGate to customers earlier this mon
Biden’s cybersecurity dream team takes shape
President Biden has named two former National Security Agency veterans to senior government cybersecurity positions, including the first national cyber director. The appointments, announced Monday, la
APKPure app contained malicious adware, say researchers
Security researchers say APKPure, a widely popular app for installing older or discontinued Android apps from outside of Google’s app store, contained malicious adware that flooded the victim
Facebook ran ads for a fake ‘Clubhouse for PC’ app planted with malware
Cybercriminals have taken out a number of Facebook ads masquerading as a Clubhouse app for PC users in order to target unsuspecting victims with malware, TechCrunch has learned. TechCrunch was alerte
Education nonprofit Edraak ignored a student data leak for two months
Edraak, an online education nonprofit, exposed the private information of thousands of students after uploading student data to an unprotected cloud storage server, apparently by mistake. The nonprofi
The do’s and don’ts of bug bounty programs with Katie Moussouris
Cybersecurity veteran Katie Moussouris explains what startups should (and shouldn't) do, what to prioritize, and the difference between vulnerability disclosure, penetration testing and bug bounties.
US charges California man over Shopify data breach
A grand jury has indicted a California resident accused of stealing Shopify customer data on over a hundred merchants, TechCrunch has learned. The indictment charges Tassilo Heinrich with aggravated i