User-provided password retrieval hints in Windows 7 and 8 operating systems are vulnerable to being retrieved and decoded by attackers.
That finding was made by two security researchers who’ve been studying ways to increase the reliability of tools designed to extract Windows registry information.
via Windows Password Clues Easy To Crack – Security – End user/client security – Informationweek.
Google for years has said that it takes privacy very seriously, but the company’s recent $22.5 million settlement with the Federal Trade Commission for breaking privacy promises and its commitment last year to endure 20 years of FTC privacy audits following “deceptive privacy practices” is pushing the company to take privacy with new, improved seriousness
via Google ‘Red Team’ To Test Product Privacy – Security – Privacy – Informationweek.
Next month the National Institute of Standards and Technology NIST plans to put out for public review its draft for a new government encryption standard that, when finalized, is going to compel federal agencies with older websites to replace them
via New NIST encryption guidelines may force fed agencies to replace old websites.
Over the past three years, about 21 million patients have had their medical records exposed in data security breaches that were big enough to require they be reported to the federal government.
via ‘Wall of Shame’ exposes 21M medical record breaches.
New configurations of the Shylock financial malware inject attacker-controlled phone numbers into the contact pages of online banking websites, according to security researchers
via Shylock malware injects rogue phone numbers in online banking websites.
The Google Wallet app now stores your payment cards on highly secure Google servers, instead of in the secure storage area on your phone.
via Google Wallet’s Huge Upgrade Adds Support For All Credit/Debit Cards, Remote Disable Feature | TechCrunch.
Bank of America Corp. (>> Bank of America Corp) is throwing its muscle behind a credit-card technology aimed at cutting down on hassles U.S. cardholders may encounter when trying to make purchases while traveling abroad.
The Charlotte, N.C., bank said Monday it is including what are known as EMV chips in many of its consumer credit cards targeted at frequent travelers and high-net-worth customers.
via Bank of America to Offer Chip Technology for Credit Cards.
Microsoft last week warned IT administrators that critical vulnerabilities in code licensed from Oracle could give attackers access to Exchange Server 2007 and Exchange Server 2010 systems.
Oracle patched the vulnerabilities in its “Oracle Outside In” code libraries as part of a massive update on July 17 that fixed nearly 90 flaws in its database software.
via Microsoft warns of critical Oracle code bugs in Exchange.