Google promises to stop spying on Android phones, even ones without SIM cards

An investigation published by Quartz has revealed Android phones have been tracking users using cell towers since the beginning of 2017, “even when location services are disabled.” This allows Android devices to send information back to Google. Quartz rightly points out that this goes “far beyond a reasonable consumer expectation of privacy.” ibankcoin notes that even a brand new…

Poor Security Habits Plague Large Enterprises

Despite being ripe targets for cybercriminals, most large enterprises lack control over employee data access and follow weak password practices.  According to Preempt’s survey of 200 management-level professionals at organizations with 1,000 employees, employees have more access than they should. A quarter (25%) of employees have tried to access data at work that they weren’t supposed to.…

F5 DROWNing, not waving, in crypto fail

If you’re an F5 BIG-IP sysadmin, get patching: there’s a bug in the company’s RSA implementation that can give an attacker access to encrypted messages. As the CVE assignment stated: “a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may…