security.didici.cc
Turnbull opens Australian Cyber Security Centre HQ
3 hours agoThe federal government said the new headquarters of Australia's cybersecurity centre will be a central hub for cybersecurity information, advice, and assistance to all Australians.
Brazilian president signs data protection bill
4 hours agoThe new rules will be enforced in 18 months, when public and private sector organizations collecting data should be fully compliant.
Australian Cyber Security Centre finally gets its own office
4 hours agoNew threat and advice website cyber.gov.au created.
Mozilla-endorsed security plug-in accused of tracking users
6 hours agoWeb Security says there's nothing nefarious to its URL collection A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…
Making money mining Coinhive? Yeah, you and nine other people
6 hours ago10 users controlling the bulk of cryptocoin generator funds Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…
Intel Reveals New Spectre-Like Vulnerability
7 hours agoA new side-channel speculative execution vulnerability takes aim at a different part of the CPU architecture than similar vulnerabilities that came before it.
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles
9 hours agoCar hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.
Britain's biggest banks report 64 payment outages in last 3 months
9 hours agoSecurity or operational incidents cut customers off.
Microsoft Cortana Flaw Allows Web Browsing on Locked PCs
9 hours agoThe tricky Cortana flaw, CVE-2018-8253, was addressed by Microsoft during Patch Tuesday.
BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?
9 hours agoIn testing, an Internet of Things (IoT) botnet of large, power-consuming appliances was used to carry out coordinated attacks on the energy grid.
2018 Pwnie Awards: Who Pwned, Who Got Pwned
10 hours agoA team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.
India's Cosmos bank raided for $13m by hackers
10 hours agoReport points finger at North Korea for cyber-heist Cosmos Bank in India says that hackers made off with $13.4m in stolen funds over the weekend.…
Support for ageing key exchange crypto leaves VPNs open to attack
10 hours agoAncient issue causing new ones Security gaps have been identified in widely used implementations of the IPsec protocol, which is used in the set up of Virtual Private Networks (VPNs).…
Bitcoin backer sues AT&T for $240m over stolen cryptocurrency
11 hours agoMichael Terpin not happy about funds-draining SIM swap fraud A bitcoin investor is suing AT&T for $240m after it allegedly ported his phone number to a hacker, allowing the criminal to steal $24m in cryptocurrency.…
Alibaba takes more cloud products global, eyes APAC growth
11 hours agoChinese internet giant talks up new product releases such as Anti-Bot Service and its datacentre footprint in Asia-Pacific as key differentiators against cloud rivals, Amazon Web Services and Google.
Before taking that DNA test: Six things you need to know
13 hours agoAs DNA testing becomes more common, more and more of us are spitting saliva. But what exactly is a DNA test? How does it work? What are the implications? We try to answer these questions here.
Digital risk protection in 2018: New vendors, new leaders, new wave
13 hours agoHere are the capabilities that security and risk professionals should prioritize when selecting a Digital Risk Protection solution.
Gartner Says IT Security Spending to Hit $124B in 2019
13 hours agoGlobal IT security spending will grow 12.4% in 2018 and another 8.7% in 2019.
Office 365 Phishing Campaign Hides Malicious URLs in SharePoint Files
14 hours agoResearchers say the "PhishPoint" tactic has already impacted 10 percent of Office 365 users globally.
Former Microsoft engineer sent behind bars for role in ransomware extortion scheme
14 hours agoThe engineer was neck-deep in laundering proceeds from Reveton ransomware victims.
Instagram Hack: Hundreds Affected, Russia Suspected
15 hours agoAffected users report the email addresses linked to their Instagram accounts were changed to .ru domains.
New PHP Exploit Chain Highlights Dangers of Deserialization
15 hours agoPHP unserialization can be triggered by other vulnerabilities previously considered low-risk.
Open Source Software Poses a Real Security Threat
15 hours agoIt's true that open source software has many benefits, but it also has weak points. These four practical steps can help your company stay safer.
RunSafe could eliminate an entire class of infrastructure malware attacks
15 hours agoRunSafe, a Mclean Virginia startup, got started doing research for DARPA on how to defend critical infrastructure. They built a commercial product based on that initial research that they claim eliminates an entire class of attacks. Today, the company rel ...
ThreatList: Financial-Themed Phishing Lures Sink Hooks into Targets in Q2
17 hours agoIn addition to traditional phishing, fraudulent cryptocurrency offers is a rising trend.
Twistlock snares $33 million Series C investment to secure cloud native environments
17 hours agoAs the world shifts to a cloud native approach, the way you secure applications as they get deployed is changing too. Twistlock, a company built from the ground up to secure cloud native environments, announced a $33 million Series C round today led by Ic ...
Adobe fixes critical code execution flaws in latest patch update
17 hours agoTwo vulnerabilities in Acrobat and Reader are considered critical.
Microsoft: Here's how to limit 'Foreshadow' attack impact
18 hours agoWindows Server admins using Hyper-V have some complicated choices to make about how best to mitigate Foreshadow on Intel hardware.
Baddies of the internet: It's all about dodgy mobile apps, they're so hot right now
18 hours agoReport fingers online fraudsters' current habits Rogue mobile apps have become the most common fraud attack vector, according to the latest quarterly edition of RSA Security's global fraud report.…
Cryptojacking attacks: One in three organisations say they've been hit with mining malware
19 hours agoCryptocurrency-generating malware has been on a rampage this year - but some organisations still haven't done much to defend against it.
Hacking Police Bodycams
19 hours agoSuprising no one, the security of police bodycams is terrible. Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then, when th ...
Podcast: Bugcrowd Founder on Printer Bugs, IoT Bounty Hunting, and New VDP Project
19 hours agoBugcrowd's CTO and founder Casey Ellis talked to Threatpost about the recently launched HP printer bug bounty program.
Foreshadow and Intel SGX software attestation: 'The whole trust model collapses'
20 hours agoEl Reg talks to Dr Yuval Yarom about Intel's memory leaking catastrophe Interview In the wake of yet another collection of Intel bugs, The Register had the chance to speak to Foreshadow co-discoverer and University of Adelaide and Data61 researcher Dr Y ...
Microsoft Patch Tuesday: 60 vulnerabilities resolved including two active exploits
20 hours agoA total of 19 vulnerabilities are deemed critical, including two zero-day flaws being actively used in the wild.
Criminals a bit less interested in nicking Brits' identities this year
21 hours agoID fraud drops to four-year low New figures reveal UK identity fraud dropped during the first six months of 2018 to reach a four-year low.…
Instagram hack is locking hundreds of users out of their accounts
23 hours agoRecovery options are being changed to .ru addresses by an unknown threat actor.
Huawei Australia: 'No urgency' on government's 5G decision
23 hours agoDespite all the hype and expectations surrounding 5G, Huawei has said there is no urgency on waiting for the Australian government's decision, because the technology will evolve slowly.
Florida Man laundered money for Reveton ransomware. Then Microsoft hired him
1 day agoFormer network engineer gets 18 months in the clink A former Microsoft network engineer will be spending a sojourn behind bars after pleading guilty to conspiracy to commit money laundering.…
Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed
1 day agoSummertiiiiiime, and the hacking is easy Microsoft and Adobe have teamed up to deliver more than 70 patches with this month's Patch Tuesday batch released today.…
IAG open sources AWS frameworks
1 day agoKeeps baking security into code creation for cloud.
Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup
1 day agoMicrosoft rolled out 60 patches for its Patch Tuesday release, impacting 19 critical flaws and 39 important flaws.
Intel discloses three more chip flaws
1 day agoCore and Xeon affected.
Victims Lose Access to Thousands of Photos as Instagram Hack Spreads
1 day agoIn a probable quest to build a botnet, someone is hacking Instagram accounts, deleting handles, avatars and personal details, and linking them to a new email address.
PTC courts security researchers to find IoT vulnerabilities
1 day agoPTC adopts a shared responsibility model to security as it aims to shore up its ThingWorx ecosystem and court researchers looking into IoT.
Oracle: Apply Out-of-Band Patch for Database Flaw ASAP
1 day agoFlaw in the Java VM component of Oracle's Database Server is easily exploitable, security experts warn.
Beyond Spectre: Foreshadow, a new Intel security problem
1 day agoResearchers have broken Intel's Software Guard Extensions, System Management Mode, and x86-based virtual machines.
Hackers manage – just – to turn Amazon Echo into listening device
1 day agoBut it requires custom hardware, firmware and access to your Wi-Fi DEF CON Hackers have managed to hack Amazon's Echo digital assistant and effectively turn it into a listening device, albeit through a complex and hard-to-reproduce approach.…
Intel CPUs Undermined By Fresh Speculative Execution Flaws
1 day ago'Foreshadow" and other vulnerabilities in Intel processors can be exploited to steal sensitive information stored inside personal computers or personal clouds.
Election Websites, Backend Systems Most at Risk of Cyberattack in Midterms
1 day agoBoth adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.
Election Websites, Backend Systems Most at Risk of Cyberattack in Midterms
1 day agoBoth adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.
Oracle: Run, don't walk, to patch this critical Database takeover bug
1 day agoFlaw in House Larry's flagship product allows 'complete compromise' of servers Oracle is advising customers to update their database software following the discovery and disclosure of a critical remote code execution vulnerability.…
Flaws in Mobile Point of Sale Readers Displayed at Black Hat
1 day agoWhile security is high overall for mPOS tools from companies like Square, PayPal, and iZettle, some devices have vulnerabilities that attackers could exploit to gather data and cash.
Microsoft ADFS Vulnerability Lets Attackers Bypass MFA
1 day agoThe flaw lets an attacker use the same second factor to bypass multifactor authentication for any account on the same ADFS service.
Microsoft Flaw Allows Full Multi-Factor Authentication Bypass
1 day agoThis is similar to taking a room key for a building and turning it into a skeleton key that works on every door in the building.
Google Services Track User Movements In Privacy Faux Pas
1 day agoA recent report found that Google services - with functions like checking maps, the weather, and search - are tracking users even when they deny permission.
Three more data-leaking security holes found in Intel chips as designers swap security for speed
1 day agoApps, kernels, virtual machines, SGX, SMM at risk from attack Intel will today disclose three more vulnerabilities in its processors that can be exploited by malware and malicious virtual machines to potentially steal secret information from computer memo ...
Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw
1 day agoThe attack targets IKE’s handshake implementation used for IPsec-based VPN connections, opening the door for MiTM attacks or for bad actors to access data carried in VPN sessions.
Web security gets a boost as TLS gets major overhaul
1 day agoExpect wide and fast adoption of the latest web encryption protocol after engineers finalise Transport Layer Security (TLS) version 1.3.
CVE? Nope. NVD? Nope. Serious must-patch type flaws skipping mainstream vuln lists – report
1 day agoInfosec firm fingers 'decentralised' reporting The first half of 2018 saw a record haul of reported software vulnerabilities yet a high proportion of these won’t appear in any mainstream flaw-tracking lists, researcher Risk Based Security (RBS) has clai ...
Washington Man Sentenced in Ransomware Conspiracy
1 day agoA guilty plea brings 18-month sentence on money laundering charges.
'Election Protection' Aims to Secure Candidates Running for Office
1 day agoThe kit is designed to prevent credential theft targeting people running for federal, state, and local elected offices.
Equifax Avoided Fines, but What If ...?
1 day agoLet's imagine the consequences the company would have faced if current laws had been on the books earlier.
Adobe Patch Tuesday: Fixes for Critical Acrobat and Reader Flaws
1 day agoAdobe's August Patch Tuesday release impacts Flash Player, and Acrobat DC and Reader.
Sonatype offers developers free security scan tool on GitHub
1 day agoSonatype helps enterprises identify and remediate vulnerabilities in open source library dependencies and release more secure code. Today, they announced a free tool called DepShield that offers a basic level of protection for GitHub developers. The produ ...
Cybersecurity startup Exabeam raises $50 million Series D
1 day agoExabeam uses data and AI to detect and respond to cyber threats.
Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises
1 day agoArmis' CTO discusses the top IoT security issues in the marketplace today - and whether device manufacturers will start to prioritize security.
ThreatList: Almost All Security Pros Believe Election Systems Are at Risk
1 day agoRespondents in a survey from Venafi said they believe voting machines, encrypted communications from polling stations and databases that store voter registration data are all vulnerable.
New ransomware arrives with a hidden feature that hints at more sophisticated attacks to come
1 day agoNew form of file-locking ransomware has a 'manual' option for more sophisticated attacks.
Google Tracks its Users Even if They Opt-Out of Tracking
1 day agoGoogle is tracking you, even if you turn off tracking: Google says that will prevent the company from remembering where you've been. Google's support page on the subject states: "You can turn off Location History at any time. With Location History off, t ...
Cisco patches router OS against new crypto attack on business VPNs
1 day agoNew attack threatens enterprise VPN and could enable target networks to be impersonated or allow a man-in-the-middle attack.
Podcast: Black Hat and DEF CON 2018 Wrap
1 day agoThe Threatpost team debriefs on the top news and topics from last week's Black Hat and DEF CON conferences.
Hackers can infiltrate police body cameras to tamper with evidence
1 day agoIt is possible that crucial recordings could be modified or deleted due to vulnerabilities in body cam software.
Man-in-the-Disk attacks take advantage of Android storage systems
1 day agoThe novel attack technique relies on Android developers which use lazy storage protocols.
Faxploit: Retro hacking of fax machines can spread malware
1 day ago20th Century tech causing problems in the 21st Video Corporations are open to hacking via a booby-trapped image data sent by fax, a hacker demo at DEF CON suggests.…
Cisco patches IOS in response to boffins' IKE-busting breakthrough
2 days agoSwitchzilla issues update for authentication bypass flaw Cisco has pushed out an update for its internetwork operating system (IOS) and IOS XE firmware in advance of a Usenix presentation on circumventing cryptographic key protocol.…
No backdoors for Australian encryption, just a riddling of ratholes
2 days agoDraft legislation intended to give cops and spooks access to encrypted communications should keep encryption strong. But the powers it proposes aren't just about fighting paedophiles, terrorists, and organised criminals.
Labor promises inquiry into My Health Record
2 days agoConcerned mainly with the opt-out element of the contentious My Health Record, the federal opposition has said it will lead a 'comprehensive' Senate inquiry into the government initiative.
Intel finally emits Puma 1Gbps modem fixes – just as new ping-of-death bug emerges
2 days agoNetwork-throttling modem bug finally gets a write-up and CVE More than 18 months after the issue was first brought to light, Intel is still working to fix the problems caused by its buggy Puma modem chipsets.…
Banks warned of global ATM cash-out campaign
2 days agoAttack of the cloned cards.
Hacker Unlocks 'God Mode' and Shares the 'Key'
2 days agoA researcher proves that it's possible to break the most fundamental security on some CPUs.
It's official: TLS 1.3 approved as standard while spies weep
2 days agoNow all you lot have to actually implement it An overhaul of a critical internet security protocol has been completed, with TLS 1.3 becoming an official standard late last week.…
Canberra gives 'decryption' another crack with draft legislation
2 days agoThe Australian government is still committed to 'no backdoors', publishing draft legislation that will force internet companies to assist law enforcement in decrypting messages sent with end-to-end encryption.
Govt finally reveals how it plans to target encryption
2 days agoCan compel providers to build own tools, but not use vulnerabilities.
Social Engineers Show Off Their Tricks
2 days agoExperts in deception shared tricks of the trade and showed their skills at Black Hat and DEF CON 2018.
Vulnerability Disclosures in 2018 So Far Outpacing Previous Years'
2 days agoNearly 17% of 10,644 vulnerabilities disclosed so far this year have been critical, according to new report from Risk Based Security.
Identifying Programmers by their Coding Style
2 days agoFascinating research de-anonymizing code -- from either source code or compiled code: Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor a ...
'Hack the Marine Corps' Bug Bounty Event Held in Vegas
2 days ago$80K in payouts went to hand-picked hackers in nine-hour event during DEF CON in Las Vegas.
Hammerhead repost for Halvar
2 days agoPosted by Dave Aitel on Aug 13From:https://web.archiv
e.org/web/20040131120103/
http://www.immunitysec.co
m:8010/29/2002
- Fishing for Obscurity
Some sharks and fish have a unique sixth sense – they can generate and
detect electrical fields, even minute on ...
New Variant of KeyPass Ransomware Discovered
2 days agoSamples of the malware have been found in an array of countries, including Brazil and Vietnam.
Voting Village at Defcon
2 days agoPosted by Dave Aitel on Aug 13https://www.usatoday.co
m/story/tech/nation-now/2
018/08/13/11-year-old-hac
ks-replica-florida-electi
on-site-changes-results/9
75121002/
So I don't know a ton about the details of voting machines, but I'm pretty
sure what happene ...
Firefox now supports the newest internet security protocol
2 days agoLast Friday, the Internet Engineering Task Force released the final version of TLS 1.3. This is a major update to TLS 1.2, the security protocol that secures much of the web by, among other things, providing the layer that handles the encryption of every ...
Nigerian National Convicted for Phishing US Universities
2 days agoOlayinka Olaniyi and his co-conspirator targeted the University of Virginia, Georgia Tech, and other educational institutions.
Black Hat 2018: IoT Security Issues Will Lead to Legal ‘Feeding Frenzy’
2 days agoA "wave of litigation over IoT liability is on the horizon," according to an attorney who has represented plaintiffs in the 2015 Jeep hack.
GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig
2 days agoConfiguration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets.
DEF CON 2018: ‘Man in the Disk’ Attack Surface Affects All Android Phones
2 days agoSloppy Android developers not following security guidelines for external storage opens the door to device takeover and more.
PCs still infected with Andromeda botnet malware, despite takedown
2 days agoOne of the largest botnets was taken out by the authorities last year - but large numbers of PCs remain infected.
FBI Warns of Cyber Extortion Scam
2 days agoSpear-phishing techniques are breathing new life into an old scam.
Security researchers found a way to hack into the Amazon Echo
2 days agoHackers at DefCon have exposed new security concerns around smart speakers. Tencent’s Wu HuiYu and Qian Wenxiang spoke at the security conference with a presentation called Breaking Smart Speakers: We are Listening to You, explaining how they hacked int ...
Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks
2 days agoMike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
U.S. House Candidates Vulnerable To Attacks
2 days ago
US voting systems: Full of holes, loaded with pop music, and hacked in 10 min by an 11-year-old
2 days agoGood luck voting in November, folks in US, you're going to need it DEF CON Hackers of all ages have been investigating America’s voting machine tech and the results aren’t good - one enterprising 11 year-old named Emmet managed to hack a simulated S ...
The Data Security Landscape Is Shifting: Is Your Company Prepared?
2 days agoNew ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
The future of IoT? State-sponsored attacks, say security professionals
2 days agoIT security professionals believe that nation states will begin to exploit smart, connected devices in the next 12 months.
DEF CON 2018: Voting Hacks Prompt Push Back from Election Officials, Vendors
2 days agoThe Vote Hacking Village invited attendees – including kids as young as six – to hack the voting infrastructure, including ballot machines, a voter database and more.
Criminal justice software code could send you to jail and there’s nothing you can do about it
2 days agoTrade secrets are trumping personal liberty DEF CON American police and the judiciary are increasingly relying on software to catch, prosecute and sentence criminal suspects, but the code is untested, unavailable to suspects' defense teams, and in some ...
Apple macOS vulnerability paves the way for system compromise with a single click
2 days agoTampering with two lines of code unveiled a serious bug which could lead to full system compromise.
Cybercrime: Why can't the Middle East get to grips with the threats?
2 days agoThe region's been investing heavily in tackling cybercrime but remains disproportionately affected.
Prank 'Give me a raise!' email nearly lands sysadmin with dismissal
2 days agoStaffer learns hard way: boss jokes don't mix well with infosec demos Who, Me? Welcome again to Who, Me?, where we invite Reg readers to begin the week crossing their fingers it will be better than those of our featured techies.…
25 Android smartphone models contain severe vulnerabilities off the shelf
2 days agoResearchers say that the swathe of bugs impacts major vendors.
Former NSA top hacker names the filthy four of nation-state hacking
2 days agoCarefully omits to mention the Land of the Free DEF CON Rob Joyce, the former head of the NSA’s Tailored Access Operations hacking team, has spilled the beans on which nations are getting up to mischief online.…
UK cyber cops: Infosec pros could help us divert teens from 'dark side'
2 days agoPolice seek mentor-like techies to help talented kids UK police are looking to cybersecurity firms to help implement a strategy of steering youngsters away from a life in online crime.…
Flaws in ACT election systems could reveal voters' votes
2 days agoAccurate timing data about votes, and the order in which they're cast, can be enough to reveal individual voters' secret ballots.
DEF CON 2018: Critical Bug Opens Millions of HP OfficeJet Printers to Attack
3 days agoA malicious fax sent to an HP Inc. OfficeJet all-in-one inkjet printer can give hackers control of the printer and act as a springboard into an attached network environment.
Hackers can steal data from the enterprise using only a fax number
3 days agoFax machines are still widely used by businesses and a communications protocol vulnerability is leaving them exposed to cyberattacks.
Microsoft mulls software isolation chambers for Win10 Enterprise
3 days ago"InPrivate Desktop" mode to ensure unexpected code can't touch OS.
DEF CON 2018: Apple 0-Day (Re)Opens Door to ‘Synthetic’ Mouse-Click Attack
3 days agoApple 0-Day allows hackers to mimic mouse-clicks for kernel access, despite mitigations.
DEF CON 2018: Hacking Medical Protocols to Change Vital Signs
4 days agoLAS VEGAS – In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other g ...
DEF CON 2018: Telltale URLs Leak PII to Dozens of Third Parties
4 days agoAnalytics, advertising and other web scripts can capture information housed in user confirmations for flight bookings, food delivery, medical testing and more.
Snap code snatched, Pentagon bans bands, pacemakers cracked, etc
4 days agoNew zero-day vendor opens up shop, and more in infosec this week Roundup This week, the infosec world descended on Las Vegas for BlackHat and DEF CON to share stories of bug hunting, malware neural nets, hefty payout offers, and more.…
Vulnerable Smart City Devices Can Be Exploited To Cause Panic, Chaos
5 days agoFalse alerts about floods, radiation levels are just some of the ways attackers can abuse weakly protected IoT devices, researchers warn.
Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures
5 days agoInteresting video of a robot grabber that's delicate enough to capture squid (and even jellyfish) in the ocean. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guide ...
The off-brand 'military-grade'
; x86 processors, in the library, with the root-granting backdoor
5 days agoDive into a weird and wonderful 'feature' of Via's embedded hardware chips Black Hat A forgotten family of x86-compatible processors still used in specialist hardware, and touted for "military-grade security features," has a backdoor that malware and ro ...
Chris Valasek and Charlie Miller: How to Secure Autonomous Vehicles
5 days agoFamous car hackers Chris Valasek and Charlie Miller returned to Black Hat to discuss how manufacturers can secure autonomous vehicles.
NSA Brings Nation-State Details to DEF CON
5 days agoThousands of hackers were eager to hear the latest from the world of nation-state cybersecurity.
Federacy wants to put bug bounty programs in reach of every startup
5 days agoFederacy, a member of the Y Combinator Summer 2018 class, has a mission to make bug bounty programs available to even the smallest startup. Traditionally, bug bounty programs from players like BugCrowd and HackerOne have been geared toward larger organiza ...
xkcd on Voting Computers
5 days agoFunny and true.
Facebook now requiring Pages with large US audiences to go through additional authorization
5 days agoFacebook today announced it’s implementing a new measure to secure Facebook Pages with large U.S. followings in order to make it harder for people to administer a Page using a “fake or compromised account.” Beginning with those that have large U.S. ...
AWS Error Exposed GoDaddy Biz Secrets
5 days ago
Spec-Exec CPU Bugs Sweep Hacking Oscars
5 days ago
Flying drones near wildfires could kill people: Don't do it
5 days agoThe bottom line is simple: Flying a drone near a wildfire could cause catastrophic damage. Don't do it.
Black Hat 2018: Voice Authentication is Broken, Researchers Say
5 days agoResearchers crack voice authentication systems by recreating any voice using under ten minutes of sample audio.
The Enigma of AI & Cybersecurity
5 days agoWe've only seen the beginning of what artificial intelligence can do for information security.
Hi-de-Hack! Redcoats red-faced as Butlin's holiday camp admits data breach hit 34,000
5 days agoStaff opened phishing email Holiday camp and British institution Butlin's has admitted 34,000 visitor records have been compromised.…