Julie Muncy reports: Earlier today, Nintendo confirmed that a recent hacking attempt on its system compromised the login IDs and passwords of some 160,000 Nintendo Network ID accounts. In the wake of the hack, the company is temporarily disabling the ability to log in to Nintendo Accounts through the NNID system, which, in the labyrinthine world of Nintendo account…
GAO wants four agencies to up their cybersecurity game by this fall
Andrew Eversden reported: Four Cabinet-level agencies are working to finalize risk-management strategies and improve internal cybersecurity coordination by this fall at the behest of the Government Accountability Office, according to new reports released by the watchdog this month. According to the “priority open recommendations” reports, which detail the GAO’s top unimplemented recommendations to an agency,…
Apple says ‘no evidence’ iPhone mail flaw used against customers
Reuters reports: Apple Inc (AAPL.O) said on Thursday it has found “no evidence” a flaw in its email app for iPhones and iPads has been used against customers, and that it believes the flaw does “not pose an immediate risk to our users”. Read more on Reuters.
FTC Settles with Company Over Alleged Deceptive Security Practices
Kari Rollins and Julia Kadish of Sheppard Mullin write: The FTC recently settled with smart lock maker Tapplock, Inc., a Canadian company, over allegations that it deceived consumers with false claims about its product’s security practices. These allegations arose based on vulnerabilities that a security researcher demonstrated – not in the aftermath of a data security breach…
IN: Nagaland govt investigating data leak of stranded persons
Medolenuo Ambrocia reports: Kohima: A major data breach in the government of Nagaland website to help citizens stranded outside the state has led to personal details of these individuals being exposed. Personal information including bank account details, AADHAAR number, phone numbers, address etc have been leaked into the public domain. This is serious as this private…
Two iOS zero-days used in limited mail attacks
Dennis Fisher writes: Attackers have been exploiting a pair of dangerous vulnerabilities in the default mail app in Apple’s iOS software since at least January 2018 simply by sending specially formatted emails to target devices. The flaws are unpatched and have been present since iOS 6 was released in 2012. The two vulnerabilities have been…