It seems that the concerns about Fortnite's security were well-founded -- although not necessarily for the reasons some people might have expected. Epic Games has been criticized for its decision not to make Fortnite available through Google Play, leading Google to show warnings to anyone conducting searches for the game.

Now a Google engineer just revealed that the first version of Epic's installer had a serious security vulnerability, placing Android users at risk. A post on Google's Issue Tracker shows that the installer could be abused to secretly download and install any app with any level of permissions -- a Man-in-the-Disk exploit.

T-Mobile has revealed that it fell victim to a security incident earlier in the week, and details of around 2.3 million accounts were accessed.

The hack attack took place on Monday, August 20, and while T-Mobile stresses that no financial data was taken, it concedes that it detected "unauthorized capture of some information". The exposed data includes names, billing zip code, phone number, email address, account number and account type, which would be enough for hackers to launch successful phishing attacks.

Recent scandals surrounding the use of personal data, such as the Cambridge Analytica scandal, plus the large fines that can be levied under GDPR, have focused minds on the protection of information.

But is your website at risk of exposing your visitors' data? Auditing and monitoring specialist DataTrue has produced an infographic looking at the risks site tags may pose to privacy.

Security is a serious business (including for Fortnite-maker Epic Games), but it's not something most people take seriously enough -- as the number of weak and reused passwords out there shows. Epic, however, has just given players of its hit game an incentive to enable two-factor authentication on their account.

By enabling 2FA in Fortnite, players can unlock a hidden extra -- the Boogiedown emote. While this is undoubtedly a form of bribery, it is no bad thing. There are just a few simple steps you need to follow to access the new emote.

It's common for businesses to insure against the risk of losing their systems to natural disasters or power outages, but a new product allows you to insure against fraudulent use of IT and telephony, including cloud and internet-based services.

San Francisco-based cyber insurer Coalition is launching Service Fraud coverage that reimburses organizations for the direct financial losses they incur as the result of being charged for fraudulent use of business services including Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), Network-as-a-Service (NaaS), and telephony services.

More than half of consumers worldwide are now using IoT devices, yet 64 percent of those have already encountered performance issues and there are widespread fears about what could go wrong, according to a new survey.

The study of 10,000 consumers by software intelligence company Dynatrace finds that people experience an average of one and a half digital performance problems every day, and 62 percent fear the number of problems they encounter, and the frequency, will increase due to the rise of IoT.

According to a new report from Kaspersky Lab, 73 percent of successful perimeter breaches on corporate networks in 2017 were achieved using vulnerable web applications.

In addition to web applications, another common vector for penetrating the network perimeter was attacks on publicly available management interfaces with weak or default credentials.

Threat intelligence specialist Lastline produces regular reports on the global cyberthreat landscape.

Its latest study looks at the telecoms industry and how the threats it faces differ from those in the wider world. Among the findings are that the industry sees a higher percentage of attacks (one in 10) exhibiting advanced threat capabilities, which is greater than the global standard of one in 12.

We reported last week on a report highlighting how many security professionals are turning to a life of cybercrime.

In a follow up research piece, Wendy Zamora at Malwarebytes, has been looking at the psychology, motivations and other underlying factors that drive people to take part in cybercrime.

The second quarter of 2018 has seen a significant increase in Trojan activity, seeing them become the leading type of malware, according to the latest report from Comodo Cybersecurity.

At the same time there has been a slight decrease in cryptomining software. However, this has gone hand-in-hand with a sharp increase in their harmful capabilities, including better concealment and stronger persistence.

Firewalls remain an important element of security architecture, but many organizations are still struggling with the basics, according to a new study.

Security policy management company FireMon has released its 2018 State of the Firewall report which reveals that 94 percent of respondents believe firewalls are as or more critical than ever.

New figures from Kaspersky Lab show that more than a third (35.7 percent) of phishing attempts in the second quarter of 2018 attempts were related to financial services via fraudulent banking or payment pages.

The IT sector was second hardest hit, with 13.83 percent of attacks targeting technology companies, a 12.28 percent increase compared to Q1.

We reported last week on a new tool to help spot vulnerabilities present in active open source systems.

To prevent problems from being introduced into new systems, open source governance specialist Sonatype is launching a tool to enable developers to identify and avoid using open source components that have known vulnerabilities.

Unless you are in regular touch with the 1980s it's probably a while since you gave much thought to using fax machines.

Even then you might think your biggest worry would be a paper jam. But new research from Check Point released at Def Con in Las Vegas reveals organizations and individuals could be hacked via their fax machines, using newly discovered vulnerabilities in the communication protocols used in tens of millions of fax devices globally.

2018 looks like it's on track to be another record year for vulnerabilities, with over 10,000 disclosed in the half year to June.

The newly released 2018 mid-year VulnDB QuickView report from Risk Based Security shows that 16.6 percent of the reported vulnerabilities received CVSSv2 (Common Vulnerability Scoring System) scores of between 9.0 and 10.0, which is a drop from previous years. However, the severity of the vulnerabilities disclosed still remains significant.