A new exploit has been discovered that allows unauthorized access to a user’s Google Wallet account with a simple hack that can be performed by anyone in a matter of minutes. A security firm recently exposed a Google Wallet vulnerability that allowed hackers to bypass PIN protection, but the vulnerability is only present on rooted Galaxy Nexus handsets. This new exploit, however, does not require a handset to be rooted, which leaves all Google Wallet users exposed. Read on for more. (more…)

The security experts at zVelo have discovered a vulnerability in Google Wallet that allows them to “easily reveal” users’ PINs. If a Google Nexus is rooted, Google Wallet’s PIN verification system can be cracked using a brute force attack. zVelo said on Wednesday that it immediately reported its findings to Google, and the company “agreed to work quickly to resolve it,” although the researchers said Google “ran into obstacles.” To fix the problem, the PIN verificati...

Yesterday it was revealed that the popular social networking app Path was uploading entire iPhone address books to the company’s server. The data uploaded included full names, phone numbers and email addresses, and the app uploaded all this data without ever asking for permission. Dave Morin, Path’s co-founder and CEO, admitted fault on Wednesday through the company’s website and announced an update to allow users to either opt in or out of the contact collection feature. “We believe y...

Path, the popular social network that competes with the likes of Instagram, may be uploading your iPhone’s entire address book up to its servers. Arun Thampi from mclov.in noticed the Path app’s steal data dump while trying to create a Mac OS X application for the social network during a hackathon. “Upon inspecting closer, I noticed that my entire address book (including full names, emails and phone numbers) was being sent as a plist to Path,” Thampi said, noting that Path didn’...

Regulators with the European Union have asked Google to stop rolling out new privacy changes that the company originally introduced earlier this month. “Given the wide range of services you offer, and the popularity of these services, changes in your privacy policy may affect many citizens in most or all of the EU member states,” the European wrote in a letter to Google’s CEO Larry Page. “We wish to check the possible consequences for the protection of the personal data of these citize...

Google announced on Thursday that the company has begun to take a more active approach to keeping malware out of the Android Market. The search giant is using a new service called “Bouncer” to search through the Market for potential malware. Bouncer will scan new applications, ones already in the Market, and developer accounts for known malware, spyware, trojans and misbehaving apps. The service has been running for some time and between the first and second halves of 2011, the company reports a ...

HTC has acknowledged that some the company’s handsets contain a security hole involving the handling of certain data requests while connected to a Wi-Fi network. Security researchers Chris Hessing and Bret Jordan discovered the vulnerability, which could use the android.permission.ACCESS_WIFI_STATE permission to create a command to view all Wi-Fi credentials while connected to the network. The researchers discovered the flaw in September, however over the past few months they have worked with HTC and Go...

Research In Motion’s latest BlackBerry 7 devices has=ve been granted Federal Information Processing Standard (FIPS) 140-2 certification by the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC). FIPS certification is required before a device can be used by a government agency in either the U.S. or Canada. ”The FIPS 140-2 certification for BlackBerry 7.0 and 7.1 illustrates RIM’s continuing commitment to providing industry-leadin...

Google on Monday announced that the company would combine individual privacy policies from a variety of its products into one main policy. Critics of the change were worried that Google was now collecting more data than before, and the U.S. House Energy and Commerce Committee demanded answers. The Mountain View-based company has now responded to Congress and defended its decision to change the policy. Read on for more. (more…)

Earlier this week, Google announced that the company would combine individual privacy policies from a variety of its products into one main policy. The idea behind it was to provide users with a “more intuitive Google experience.” Critics of the change are worried that Google is now collecting more data than ever, however, leading members of the U.S. House Energy and Commerce Committee to demand answers. Read on for more. (more…)

IBM and HTC are working together to make Android a more attractive platform for the enterprise market. Executives from both companies recently demoed IBM software running on HTC smartphones and tablets during IBM’s Lotusphere and Connect conference, TechWeek Europe said recently. “It’s only been really relatively recently that HTC has broken into the enterprise space,” HTC’s executive director Global Enterprise and Services David Jaegar said. “We’re driving toward that magic...

Twitter finally appears to be preparing a new wave of attacks on the malicious spammers that have overrun the popular social network during the past year. Web security firm Dasient on Monday announced that it has been acquired by Twitter. ”Since its inception, Dasient has been focused on solving web-scale security problems involving malware and other types of online abuse,” the firm noted in a blog post. “In 2009, Dasient launched its web anti-malware platform, capable of scanning URLs an...

Research In Motion is currently weighing every single option it can think of in an effort to reverse a negative trend that is approaching a boiling point for investors. Reports that RIM is currently in talks to license its software to other vendors are accurate according to our trusted sources, though we have been told that RIM is most likely leaning toward an outright sale of one or more divisions, or even the whole company. The front runner, we have been told by a trusted source with knowledge of the situ...

Zappos on Sunday confirmed that hackers breached the company’s servers and accessed personal data belonging to many of its customers. The Amazon-owned shoe retailer known for top-notch service and surprising customers with express shipping at no extra cost confirmed that personal data from 24 million accounts was accessed during a recent security breach. The hackers gained access to range of sensitive data including user names, encrypted passwords, customer names, email addresses, phone numbers and the ...