LifeLock Patches XSS That Could’ve Led to Phishing

Researchers identified a cross-site scripting vulnerability in a page on the LifeLock website that could allow an attacker to create an authentic-looking login page for the service and harvest usernames and passwords from customers. LifeLock patched the vulnerability quickly after researchers Blake Welsh and Eric Taylor from Cinder Cyber Research reported it. Welsh said via […]

LifeLock CEO A Frequent Victim of ID Theft

A CEO who publicly posted his Social Security number on billboards and
TV commercials as part of a campaign to promote his company’s credit
monitoring services was the victim of identity theft at least 13 times, a
news report says. Read the full article. [Wired]

LifeLock Settles with FTC for $11 Million

LifeLock, an Arizona company promising
customers protection from identity theft, has agreed to pay $12 million
to settle charges that the company overstated its benefits and used
“scare tactics” to gain subscribers. Read the full article. [Computerworld]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.