Latest news from Naked Security (2019/03/26)

Apple patches 51 security flaws

Apple’s update for iOS and macOS patches 51 holes, the more serious of which include bugs in Safari, Keychain and FaceTime.

FEMA exposes sensitive data of 2.3 million disaster survivors

The agency said it exposed 2.3m people’s details in a “major privacy incident” involving a contractor that set up temporary housing.

Tech giants back bill that privacy advocates claim is toothless

The main disagreement: if consumers will be able to delete their data or whether the law would give companies ways to wiggle out.

Family tracking app spilled pics, names and real-time location data

A journalist/researcher team got a sensitive database taken down after the vendor responsible failed to acknowledge a problem.

Medtronic cardiac implants can be hacked, FDA issues alert

Two serious flaws in the telemetry protocol could allow a hacker to control vulnerable Implantable Cardioverter Defibrillators (ICDs).

Latest news from Naked Security (2019/03/25)

Thousands of API and cryptographic keys leaking on GitHub every day

Researchers have found that one of the most popular source code repositories in the world is still housing thousands of publicly accessible user credentials.

Update now! WordPress hackers target Easy WP SMTP plugin

Two hacking groups have been spotted targeting websites running unpatched versions of the WordPress plugin Easy WP SMTP.

New ratings point to keyless cars that can stand up to relay attacks

Researchers rated six of the 11 newly launched cars as being easy to open up and drive off with a cheap relay device anyone can buy online.

Monday review – the hot 29 stories of the week

From an ex-employee from IT hell to Window 7’s upcoming patchocalypse, and everything in between. It’s weekly roundup time!

Facebook password crisis – what to do? [VIDEO]

Watch this special edition of Naked Security Live – we answer the questions people have been asking us, like “Should I stay or should I go?”

Sacked IT guy annihilates 23 of his ex-employer’s AWS servers

He was fired after four weeks, ripped off the credentials of former colleague “Speedy”, and will be mulling it all over for two years in jail.

Latest news from Naked Security (2019/03/22)

BitLocker hacked? Disk encryption – and why you still need it [VIDEO]

Is BitLocker cracked? Is disk encryption still worth it? The answers are “No” and “Yes”, and here’s why.

Microsoft Windows 7 patch warns of coming patchocalypse

Microsoft has issued a patch to remind Windows 7 users that they’ll soon have no patches.

Sacked IT guy annihilates 23 of his ex-employer’s AWS servers

He was fired after four weeks, ripped off the credentials of former colleague “Speedy”, and will be mulling it all over for two years in jail.

Spycam sex videos of 1,600 motel guests sold to paying subscribers

1,600 guests were filmed with hidden webcams that livestreamed the action. The site also sold videos.

Scammer pleads guilty to fleecing Facebook and Google of $121m

Large, worldly tech companies would never fall for a wire transfer invoice scam, would they?

Change your Facebook password now!

Facebook has done an audit and shocked even itself by finding plaintext passwords in logfiles back to 2012. Change your password now!