John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
They Didn't Get Your Password. They Got Everything Else.
Booking.com forced PIN resets. Basic-Fit disclosed a breach hitting roughly one million EU gym members. No passwords were stolen, both companies say. That's not the reassurance it sounds like.
Read More
Your 'Security' Camera Has a Backdoor the Manufacturer Put There on Purpose
Researcher reveals VStarcam deliberately engineered password-leaking backdoors into camera firmware over four years.
Read More
The FCC Just Banned Foreign Routers. Almost Every Router You Own Is Foreign.
The FCC has declared foreign-made consumer routers a national security threat and blocked new ones from entering the US market. Here's what the rule actually covers, what it doesn't, and why the hard question about firmware goes unanswered.
Read More
Sears' AI Chatbot Stored 3.7 Million of Your Conversations. Could Be Read Online.
Security researcher Jeremy Fowler found 3.7 million Sears chatbot conversations and 1.4 million audio files sitting wide open online -- including home addresses and appointment times. This one crosses into physical security territory.
Read More
Coinbase Is Asking You to Type Your Crypto Wallet Key Into a Website. Don't.
Coinbase Commerce shuts down March 31 and its migration tool asks users to enter their seed phrase into a web form. Security researchers are alarmed -- and they should be.
Read More
An Identity Theft Protection Company Was Just Hacked by a Phone Scammer
Aura sells identity protection. A scammer called one employee, said the right things, and walked out with data on 900,000 people. The irony is real, but the lesson is bigger.
Read More
Russian Hackers Are Coming for Your Signal and WhatsApp
Dutch intelligence says Russian state hackers are running a global campaign to hijack Signal and WhatsApp accounts by abusing the linked-device feature. Here's how to check if you're compromised.
Read More