The login scheme promises it won’t share data — and will be required for all developers using third-party sign-ins. Is ‘Sign in with Apple’ Marketing Spin or Privacy Magic? Experts Weigh In
An attacker could gain remote access by chaining together an exploit for home routers with the TV flaw. Smart-TV Bug Allows Rogue Broadcasts
“Password-killing” authentication efforts may be on a road to nowhere. Passwords: Here to Stay, Despite Smart Alternatives?
Five of them allow remote compromise of the IoT gadgets, so attackers can intercept video feeds and more. Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities
Gym customer data, including contact information, birth dates and height/weight data, opens the door to convincing follow-on social-engineering attacks. FitMetrix Exposes Millions of Customer Details, Accessed by Criminals
Chrome users are now automatically signed into the browser if they’re signed into any other Google service, such as Gmail. Google’s Forced Sign-in to Chrome Raises Privacy Red Flags
Few organizations are prepared to mitigate supply-chain risks, despite a majority of them acknowledging they are a huge cyber threat. ThreatList: Supply-Chain Defenses Need Improvement
A massive breach has impacted up to 21 million users’ personal data and their social media “access tokens.” Timehop Breach Impacts Personal Data of 21 Million Users
InfoSec Insider Justin Jett shares his opinions on how to avoid false positive security threat fatigue before sets in and companies drop their guard. Keeping False Positives in Check
The idea is to use trusted execution environments to build trust across various cloud-related use cases, including 5G, virtual network functions (VNFs), blockchain and more. Asylo Open-Source Framework Tackles TEEs for Cloud