Zack Whittaker
Security Editor
The Latest from Zack Whittaker
Fragomen, a law firm used by Google, confirms data breach
Immigration law firm Fragomen, Del Rey, Bernsen & Loewy has confirmed a data breach involving the personal information of current and former Google employees. The New York-based law firm provides
Decrypted: How Twitter was hacked, GitHub DMCA backfires
One week to the U.S. presidential election and things are getting spicy. It’s not just the rhetoric — hackers are actively working to disrupt the election, officials have said, and last week t
President Trump’s Twitter accessed by security expert who guessed password ‘maga2020!’
A Dutch security researcher says he accessed President Trump’s @realDonaldTrump Twitter account last week by guessing his password: “maga2020!”. Victor Gevers, a security researcher
Security testing firm NSS Labs ceases operations, citing coronavirus
Security testing company NSS Labs “ceased operations” last week, the company said in a notice on its website, citing impacts related to the ongoing coronavirus pandemic. The Austin, Texas-
Apple, Opera and Yandex fix browser address bar spoofing bugs, but millions more still left vulnerable
Year after year, phishing remains one of the most popular and effective ways for attackers to steal your passwords. As users, we’re mostly trained to spot the telltale signs of a phishing site,
Trump says ‘nobody gets hacked’ but forgot his hotel chain was hacked — twice
According to President Trump speaking at a campaign event in Tucson, Arizona, on Monday, “nobody gets hacked.” You don’t need someone who covers security day in and day out to call b
US charges Russian hackers blamed for Ukraine power outages and the NotPetya ransomware attack
Six Russian intelligence officers accused of launching some of the “world’s most destructive malware” — including an attack that took down the Ukraine power grid in December 2015 a
A prison video visitation service exposed private calls between inmates and their attorneys
Exclusive: Calls supposed to be protected by attorney-client privilege were recorded and transcribed.
Dr Lal PathLabs, one of India’s largest blood test labs, exposed patient data
Dr Lal PathLabs, one of the largest lab testing companies in India, left a huge cache of patient data on a public server for months, TechCrunch has learned. The lab testing giant, headquartered in New
Decrypted: The major ransomware attack you probably didn’t hear about
Watching the news this past week was like drinking from a firehose. Speaking of which, you probably missed a busy week in cybersecurity, so here are the big stories from the past week. THE BIG PICTURE
Security flaw left ‘smart’ chastity sex toy users at risk of permanent lock-in
Just because almost every gadget or appliance can be connected to the internet, doesn’t mean they should be. Outages can render these “smart” devices useless, and many use weak security
A security flaw in Grindr let anyone easily hijack user accounts
Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of an
Facebook sues two companies engaged in data scraping operations
Facebook today says it has filed a lawsuit in the U.S. against two companies that had engaged in an international “data scraping” operation. The operation extended across Facebook properti
Imperva to acquire database security startup jSonar
Cybersecurity giant Imperva will acquire jSonar, a database security startup that recently landed $50 million from Goldman Sachs. Financial terms of the deal weren’t disclosed. The acquisition o
How 3 remote-friendly tech companies plan to return to the office
Six months ago, millions of workers left their offices for the last time without realizing it. Many would be laid off because of the pandemic, but for those fortunate to keep their jobs, some of their
Applicants say DC Bar exposed their personal data and background checks
Lawyers applying for a license to practice law in Washington, D.C., say a security lapse by the bar association exposed their application files, including their government-issued IDs and background ch
After breach, Twitter hires a new cybersecurity chief
Following a high-profile breach in July, Twitter has hired Rinki Sethi as its new chief information security officer. Sethi most recently served as chief information security officer at cloud data man
Microsoft outage leaves users unable to access Office, Outlook, Teams
Microsoft said it’s investigating an authentication outage with Office 365, preventing users from accessing some of the company’s most widely used services, including Office.com, Outlook.c
Healthcare giant UHS hit by ransomware attack, sources say
Universal Health Services, one of the largest healthcare providers in the U.S., has been hit by a ransomware attack. The attack hit UHS systems early on Sunday morning, according to two people with di
Trump administration’s TikTok ban has been delayed
A U.S. federal court has said a ban on TikTok will not go into effect on Monday, as scheduled. The move to delay the anticipated ban will allow Americans to continue using the app while the court con