Malicious Android apps from the so-called PhantomLance campaign targeted hundreds of users, and at least two slipped past Google’s defenses. Google’s Play Store for Android apps has never had a reputation for the strictest protections from malware. Shady adware and even banking trojans have managed over the years to repeatedly defy Google’s security checks. Now… Read More


RIPE speaks out against China and Huawei’s ‘New IP’ internet upgrade plan, says internet standards should be left to the IETF, not the UN. EU-based Internet governance body RIPE is opposing a proposal to remodel core internet protocols, a proposal backed by the Chinese government, Chinese telecoms, and Chinese networking equipment vendor Huawei. Named ‘New… Read More


In an attempt to stem the tide of the coronavirus pandemic, at least 30 governments around the world have instituted temporary or indefinite efforts to single out infected individuals or maintain quarantines. Many of these efforts, in turn, undermine personal privacy. It’s a complex trade-off: Governments need information to create containment strategies and know where… Read More


A spear-phishing attack this week hooked a customer service employee at GoDaddy.com,the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com. Escrow.comhelps people safely… Read More


Alleged Windows flaw allows for remote code execution and is being flogged for $500,000. Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people’s private video conferences and further exploit a target’s system. Flaws target Zoom clients for the Windows and the… Read More


Pastebin quietly changed its terms and services that allowed researchers to study leaked data, malware, and stolen passwords. The most famous paste site, used by hackers of all stripes to host lists of stolen passwords, announcements of data breaches, and malware has made it harder for security researchers to scrape it looking for that kind… Read More


Israeli researchers use vibrations from CPU, GPU, or PC chassis fans to broadcast stolen information through solid materials and to nearby receives, breaking air-gapped system protections. Academics steal data from air-gapped systems using PC fan vibrations Israeli researchers use vibrations from CPU, GPU, or PC chassis fans to broadcast stolen information through solid materials and… Read More


The European Commission (EC) has published a document describing how it thinks member nations can best built a contact-tracing smartphone app to fight the COVID-19 pandemic. Such apps have been adopted by Singapore and India. The UK, USA and Australia have all suggested they’ll soon follow suit. Apple and Google have weighed in, saying they’ll… Read More