Spotify resets some account passwords citing ‘suspicious activity’

Music streaming giant Spotify has notified an unspecified number of users that the company has reset their account password, but has left dozens of users asking why. In an email, some Spotify users were told their password was reset “due to detected suspicious activity,” but gave no further details. Anyone else getting emails from Spotify […]

Continue Reading →

Google says some G Suite user passwords were stored in plaintext since 2005

Google says a small number of its enterprise customers mistakenly had their passwords stored on its systems in plaintext. The search giant disclosed the exposure Tuesday but declined to say exactly how many enterprise customers were affected. “We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our […]

Continue Reading →

Identity platform Auth0 raises $103M, pushing its valuation over $1B

Auth0, a 2013-founded identity and authentication platform, has pushed into unicorn territory with a $1 billion valuation after raising $103 million in its latest Series E round. The round was led by Sapphire Ventures, with participation from K9 Ventures, Telstra Ventures and several others. In all, Auth0 total funding tops $210 million to date. Auth0 […]

Continue Reading →

Google recalls its Bluetooth Titan Security Keys because of a security bug

Google today disclosed a security bug in its Bluetooth Titan Security Key that could allow an attacker in close physical proximity to circumvent the security the key is supposed to provide. The company says that the bug is due to a “misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols” and that even the faulty […]

Continue Reading →

‘Unhackable’ encrypted flash drive eyeDisk is, as it happens, hackable

In security, nothing is “unhackable.” When it’s claimed, security researchers see nothing more than a challenge. Enter the latest findings from Pen Test Partners, a U.K.-based cybersecurity firm. Their latest project was ripping apart the “unhackable” eyeDisk, an allegedly secure USB flash drive that uses iris recognition to unlock and decrypt the device. eyeDisk raised […]

Continue Reading →

Samsung spilled SmartThings app source code and secret keys

A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security researcher found. The electronics giant left dozens of internal coding projects on a GitLab instance hosted on a Samsung-owned domain, Vandev Lab. The instance, used by staff […]

Continue Reading →

World Password Day: Always Keep Your Accounts Protected

Did you know, 63% of confirmed data breaches involved weak, stolen, or default passwords? Verizon reported that 93% of data breaches occurred within a couple of minutes, while 83% weren’t discovered for weeks. The more time that goes by, the more personal information someone can collect about you. In honor of World Password Day, we’ll explain a few tips and tricks to help strengthen your online security. Use a Password Manager Above All With the number of online profiles we have, it’s easy to forget what password goes with what…

The post World Password Day: Always Keep Your Accounts Protected appeared first on HostPapa Blog.

Continue Reading →

Job recruitment site Ladders exposed 13 million user profiles

Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records, following a security lapse. The New York-based company left an Amazon -hosted Elasticsearch database exposed without a password, allowing anyone to access the data. Sanyam Jain, a security researcher and a […]

Continue Reading →

Hackers went undetected in Citrix’s internal network for six months

Hackers gained access to technology giant Citrix’s networks six months before they were discovered, the company has confirmed. In a letter to California’s attorney general, the virtualization and security software maker said the hackers had “intermittent access” to its internal network from October 13, 2018 until March 8, 2019, two days after the FBI alerted […]

Continue Reading →