security.didici.cc
Australia's encryption-busting bill also after PINs, passwords
1 hour agoHome Affairs proposes simpler mechanism to get at data.
Flaws in telepresence robots allow hackers access to pictures, video feeds
4 hours agoVendor has patched two of five reported bugs. Three patches are in the works.
Cyber Espionage Campaign Reuses Code from China's APT1
5 hours agoUS, Canadian organizations in crosshairs of group with apparent links to a Chinese military hacking unit that wreaked havoc several years ago.
Fearing election hacking, EU leaders to ready sanctions
5 hours agoNew curbs on online campaigning interference rushed through.
How to Get Consumers to Forgive You for a Breach
5 hours agoIt starts with already-established trust, a new survey shows.
Talk about a curveball: Microsoft director of sports marketing fired, charged with fraud over 'fake' invoices
6 hours agoHe tells investigators: 'I was hacked!' Microsoft's former director of sports marketing has been indicted on five counts of wire fraud, based on allegations that he created fake invoices to defraud the software giant and sold its property as his own.…
Equifax exec's inside trade shame: Software boss sentenced for mega-hack stock profit
6 hours agoThrown in the small house rather than the big house An Equifax executive – who knew the biz had been hacked before it was made public and banked over $75,000 in stock trades using this inside knowledge – has avoided jail.…
New APT Could Signal Reemergence of Notorious Comment Crew
7 hours agoA custom malware used in a five-pronged APT espionage campaign was largely built from the defunct Comment Crew's proprietary code.
New Security Woes for Popular IoT Protocols
7 hours agoResearchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.
Audits: The Missing Layer in Cybersecurity
7 hours agoInvolving the audit team ensures that technology solutions are not just sitting on the shelf or being underutilized to strategically address security risks.
Former Equifax Manager Sentenced for Insider Trading
8 hours agoSudhakar Bonthu bought and sold Equifax stock options prior to the public disclosure of its 2017 data breach.
7 Ways A Collaboration System Could Wreck Your IT Security
10 hours agoThe same traits that make collaboration systems so useful for team communications can help hackers, too.
Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
11 hours agoTumblr stressed that there is no evidence the security bug was being abused or that unprotected account data was accessed.
Open source web hosting software compromised with DDoS malware
11 hours agoSome VestaCP servers were infected with a new malware strain named Linux/ChachaDDOS.
GreyEnergy Spy APT Mounts Sophisticated Effort Against Critical Infrastructure
11 hours agoThe group is a successor to BlackEnergy and a subset of the TeleBots gang--and its activity is potentially a prelude to a much more destructive attack.
Apache Access Vulnerability Could Affect Thousands of Applications
11 hours agoA recently discovered issue with a common file access method could be a major new attack surface for malware authors.
INFILTRATE 2019 - How Far Is The Horizon?
11 hours agoPosted by Dave Aitel on Oct 18[image: IMG_20181016_075725-EFFEC
TS.jpg]
Come talk at INFILTRATE this year! CFP Here .
Here is why you should:
- This is the only conference where the audience is other exploit writers
- You get a very valuable peer rev ...
Getting Up to Speed with "Always-On SSL"
11 hours agoWebsites can avoid the negative consequences of a "not secure" label from Google Chrome 68 by following four AOSSL best practices.
Oceansalt Linked To Defunct Chinese APT Comment Crew
12 hours ago
Inside the Dark Web's 'Help Wanted' Ads
12 hours agoHow cybercriminals recruit everyone from car drivers to corporate insiders and pay them according to the risk they assume.
My Health Record inquiry backs away from return to opt-in
13 hours agoBut has a slew of security improvements.
GitHub security alerts now support Java and .NET projects
14 hours agoGitHub also launches Token Scanning tool and new Security Advisory API.
Government Perspective on Supply Chain Security
14 hours agoThis is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now.
Take a video tour of Facebook’s election security war room
16 hours agoBeneath an American flag, 20 people packed tight into a beige conference room are Facebook’s, and so too the Internet’s, first line of defence for democracy. This is Facebook election security war room. Screens visualize influxes of foreign political ...
Apple to US users: Here's how you can now see what personal data we hold on you
16 hours agoApple's privacy tools now go beyond Europe, so more now get to download the personal data it has collected.
DTA attacks China-style social credit claims about Govpass digital identity
17 hours agoRubbishes report from defence thinktank ASPI.
Someone's in hot water: Tea party super PAC group 'spilled 500, 000+ voters' info' all over web
19 hours agoPosted by InfoSec News on Oct 17https://www.theregister
.co.uk/2018/10/17/republi
can_tea_party_fund_securi
ty_blunder/
By Chris Williams
Editor in Chief
The Register
17 Oct 2018
Now, now, America. Don't go overboard. Again.
More than half a million folks' n ...
Stripe hires Niels Provos away from Google to be its new head of security
19 hours agoPosted by InfoSec News on Oct 17https://techcrunch.com/
2018/10/17/stripe-hires-n
iels-provos-away-from-goo
gle-to-be-its-new-head-of
-security/
By Ingrid Lunden
Techcrunch
Oct 17, 2018
On the heels of raising new funding on a $20 billion valuation, payments ...
Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months
19 hours agoPosted by InfoSec News on Oct 17https://www.zdnet.com/a
rticle/researcher-finds-s
imple-way-of-backdooring-
windows-pcs-and-nobody-no
tices-for-ten-months/
By Catalin Cimpanu
Zero Day
ZDNet
October 17, 2018
A security researcher from Colombia has found a way ...
Can your flight be hacked?
19 hours agoPosted by InfoSec News on Oct 17https://www.ft.com/cont
ent/2e416eca-4e3d-11e8-ac
41-759eee1efb74
By Peggy Hollinger
Financial Times
Oct 16, 2018
It took Robert Hickey and his team of researchers just two days to do what
the aerospace industry had insisted ...
Meet GreyEnergy, the newest hacking group hitting Ukraine's power grid
19 hours agoPosted by InfoSec News on Oct 17https://www.cyberscoop.
com/greyenergy-eset-ukrai
ne-sandworm-telebots/
By Sean Lyngaas
CYBERSCOOP
OCT 17, 2018
Ever since the seminal cyberattacks on the Ukrainian power grid in 2015
and 2016, researchers have traced the ev ...
Senate inquiry recommends locking down My Health Record by default
20 hours agoA comprehensive review of Australia's centralised digital health record has recommended extending the opt-out period by another 12 months while privacy controls are significantly tightened.
Oceansalt cyberattack wave linked to defunct Chinese APT Comment Crew
22 hours agoThe source code of malware from the ancient Chinese military-affiliated group appears to have changed hands.
MIT invention builds memory walls to protect against Meltdown, Spectre attacks
22 hours agoThe new system could potentially prevent similar memory-based attacks from risking our PCs and global services.
MIT researchers say memory splitting breakthrough could prevent another Meltdown or Spectre
22 hours agoVirtually every modern computer processor was thrown under the bus earlier this year when researchers found a fundamental design weakness in Intel, AMD and ARM chips, making it possible to steal sensitive data from the computer’s memory. The Meltdown ...
Australia's anti-encryption legislation fails to address human rights concerns: Committee
1 day agoThe Australian Parliament's own human rights watchdog committee has identified a raft of concerns with the Assistance and Access Bill 2018, and is 'seeking additional information'.
Decoding the Google Titan, Titan, and Titan M – that last one is the Pixel 3's security chip
1 day agoChocolate Factory opens lid, just a little, on secure boot and crypto phone coprocessor People in the Googleplex need to talk to each other more: the Chocolate Factory has launched a third product with “Titan” in its name, and it's only related to one ...
Victoria Police to get real-time number plate recognition capability
1 day agoUnder the AU$17.3 million deal, Motorola is also providing the police force with in-car video technology.
Tumblr turns stumblr, left humblr: Blogging biz blogs bloggers' private info to world+dog
1 day ago'No evidence' vulnerability was abused, though, we're told Tumblr today reveal it has fixed a security bug in its website that quietly revealed private details of some of its bloggers.…
3 Years After Attacks on Ukraine Power Grid, BlackEnergy Successor Poses Growing Threat
1 day agoIn what could be a precursor to future attacks, GreyEnergy is targeting critical infrastructure organizations in Central and Eastern Europe.
Equifax engineer who designed breach portal gets 8 months of house arrest for insider trading
1 day agoSEC said engineer figured out on its own that the website he was building was for his own company's security breach.
Oracle Issues Massive Collection of Critical Security Updates
1 day agoThe software updates from Oracle address a record number of vulnerabilities.
(ISC) 2 : Global Cybersecurity Workforce Short 3 Million People
1 day agoWith the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.
Someone's in hot water: Tea party super PAC group 'spilled 500,000+ voters' info' all over web
1 day agoLeaky AWS S3 bucket fingered by infosec bods Now, now, America. Don't go overboard. Again.…
Hackers launch malware attacks on energy and transport companies
1 day agoGreyEnergy linked to Russia's GRU military intelligence.
Apple launches GDPR-style privacy tools for users
1 day agoView, correct and delete what Big A has collected on you.
Tumblr discloses vulnerability but says 'no evidence that this bug was abused'
1 day agoBug hunter finds security flaw in Tumblr's "Recommended Blogs" widget.
LuminosityLink spyware mastermind gets 30 months in the clink, forfeits $725k in Bitcoin
1 day agoGrubby Grubbs' grifting days are gone A programmer who wrote and sold software that backdoored PCs so they could be remotely controlled has been jailed for 30 months – and forced to give up his stash of 114 Bitcoins.…
Oracle Fixes 301 Flaws in October Critical Patch Update
1 day agoThe update includes one critical flaw in Oracle GoldenGate with a CVSS 3.0 score of 10.0.
Cybercrime-as-a-Service: No End in Sight
1 day agoCybercrime is easy and rewarding, making it a perfect arena for criminals everywhere.
SEC Warns Public Companies on Accounting Control Use
1 day agoA new SEC investigative report urges public organizations to keep cyberthreats in mind when implementing internal accounting tools.
Startup Spun Out of Securosis Secures $2.5 Million Seed Investment
1 day agoDistruptOps officially rolls out its SaaS for automating control of cloud operations and security.
libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers
1 day agoThe flaw affects thousands of servers; but GitHub, a major libssh user, is unaffected.
Tumblr says it’s fixed a security bug, but says ‘no evidence’ any user data was exposed
1 day agoTumblr has disclosed a security vulnerability on its site that in some cases could have exposed account information. The bug was found in the part of the site that recommends other Tumblr blogs to users, according to a blog post. The blogging site said th ...
Brazil attempts last minute solutions to control fake news spreading
1 day agoLocal electoral court plays catch up in tackling the issue and seeks answers from tech giants - 11 days before citizens head to the polls.
Podcast: A Utility Ransomware Attack, Post-Hurricane
1 day agoA “critical water utility” was hit by a recent ransomware attack, significantly impeding the service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority (ONWASA) said in a Monday release that a “ ...
How easy is serverless computing to use?
1 day agoHere we look at serverless usability - for both developers and admins
Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months
1 day ago"RID Hijacking" technique lets hackers assign admin rights to guest and other low-level accounts.
Multiple D-Link Routers Open to Complete Takeover with Simple Attack
1 day agoThe vendor only plans to patch two of the eight impacted devices, according to a researcher.
Twitter publishes information ops data from Russia, Iran for research
1 day agoThe datasets are bulky, but may give researchers some insight to how these information ops work on Twitter.
The Three Dimensions of the Threat Intelligence Scale Problem
1 day agoTo succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.
On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy
1 day agoThe update also features 23 security fixes.
GreyEnergy: New malware campaign targets critical infrastructure companies
1 day agoSecurity researchers warn of cyber-espionage activity by group which has links to some of the most destructive cyber attacks of recent times.
Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers
1 day agoThe flaw impacted patients with pacemakers, implantable defibrillators, cardiac resynchronization devices and insertable cardiac monitors.
Rapid7 acquires web app security developer tCell
1 day agoThe deal is designed to boost Rapid7's Insight platform.
Last year, D-Link flubbed a router bug-fix, so it's back with total pwnage
1 day agoPlain text password storage? Check. Directory traversal? Check. SOHOpeless? Check Eight D-Link router variants are vulnerable to complete pwnage via a combination of security screwups, and only two are going to get patched.…
Creator of remote access tool LuminosityLink sent behind bars
1 day agoThe RAT software was a popular choice for cyberattackers.
NPP opens API sandpit for independents to play
1 day agoSIBOS puts global eyes on Australia’s payments rehab.
Security flaw in libssh leaves thousands of servers at risk of hijacking
1 day agoVulnerability not as bad as it gets, as most servers use the openssh library to support server-side SSH logins.
The 'Donald Daters' Trump Dating App Exposed Its Users' Data
1 day agoPosted by InfoSec News on Oct 16https://motherboard.vic
e.com/en_us/article/mbdwb
3/the-donald-daters-trump
-dating-app-exposed-a-loa
d-of-its-users-data
By Joseph Cox and Jason Koebler
Motherboard.vice.
com
Oct 15, 2018
"Make America Date Again," the website ...
Facebook's former security chief warns of tech's 'negative impacts' -- and has a plan to help solve them
1 day agoPosted by InfoSec News on Oct 16https://www.washingtonp
ost.com/technology/2018/1
0/16/facebooks-former-sec
urity-chief-warns-techs-n
egative-impacts-has-plan-
help-solve-them/
By Craig Timberg and Elizabeth Dwoskin
The Washington Post
October 16, 2018
For two ...
How Intel's Chief Software Security Officer is reshaping the chip giant
1 day agoPosted by InfoSec News on Oct 16https://www.engadget.co
m/2018/10/13/intel-window
-snyder-interview-securit
y/
By Devindra Hardawar
Engadget.com
10.
13.18
Window Snyder transformed how Microsoft, Apple and Mozilla dealt with
software threats. She served as t ...
Intel partners with Rolls-Royce to develop autonomous cargo ships
1 day agoPosted by InfoSec News on Oct 16https://venturebeat.com
/2018/10/15/intel-partner
s-with-rolls-royce-to-dev
elop-autonomous-cargo-shi
ps/
By CHRIS O'BRIEN
Venture Beat
OCTOBER 15, 2018
Rolls-Royce today announced that it would use Intel chips as it develops a ...
DHS Downplays Report That Data Thieves Are Selling Millions of Voters' Data
1 day agoPosted by InfoSec News on Oct 16https://www.defenseone.
com/technology/2018/10/dh
s-downplays-report-data-t
hieves-are-selling-millio
ns-voters-data/152051/
BY PATRICK TUCKER
TECHNOLOGY EDITOR
Defense One
OCTOBER 15, 2018
Various data on up to 35 million U.S. ...
Oracle patches 301 vulnerabilities, including 46 with a 9.8+ severity rating
1 day agoThis wasn't Oracle's biggest patch ever. That title goes to the July 2018 CPU.
Party like it's 1987... SVGA code bug haunts VMware's house, lets guests flee to host OS
1 day agoMalicious code in VMs can leap over ESXi, Workstation, Fusion hypervisor security Get busy, VMware admins and users: the virtualisation virtuoso has patched a programming blunder in ESXi, Workstation Pro and Player, and Fusion and Fusion Pro products that ...
OAIC calls for sunset clause on encryption-busting Bill and warns of privacy risks
1 day agoThe Office of the Australian Information Commissioner seeking greater transparency and judicial oversight to Australia's proposed Assistance and Access Bill.
Facial recognition tech allows passengers to clear airport security in Shanghai
1 day agoShanghai Hongqiao International Airport has unveiled facial recognition-powered self-service kiosks for flight and baggage check-in, security clearance, and boarding.
Virtual graphics cards create critical VMware risk
2 days agoGuest-host escape on vSphere and desktop hypervisors.
FICO & US Chamber of Commerce Score Cyber-Risk Across 10 Sectors
2 days agoMedia, telecom, and technology firms are far more likely to experience a data breach in the near future than organizations in sectors including energy, construction, and transportation.
Thought Patch Tuesday was a load? You'll want to avoid this Oracle mega-advisory then
2 days agoBut you'll definitely want to check out the libssh bug Oracle has released a wide-ranging security update to address more than 300 CVE-listed vulnerabilities in its various enterprise products.…
Chrome 70 released with revamped Google account login system
2 days agoChrome 70 also comes with support for the final version of the TLS 1.3 standard and the AV1 video format.
As End of Life Nears, More Than Half of Websites Still Use PHP V5
2 days agoSupport for PHP 5.6 drops on December 31 - but a recent report found that almost 62 percent of websites are still using version 5.
Visa to stop Australian online merchants from storing credit card numbers
2 days agoStore checkouts to be issued with tokens to thwart breaches.
NATO cyber command grapples with attack rules
2 days agoStruggles with ground rules for attacks.
Insult to injury: malware menace soaks water-logged Carolina utility
2 days agoHurricane-ravaged waterworks having to rebuild from scratch. A North Carolina water company already dealing with the aftermath of Hurricane Florence will now have to juggle a complete IT rebuild, thanks to a nasty ransomware infection.…
Alphabet in the soup for keeping quiet about Google+ data leak bug
2 days agoInvestors sue over failure to 'fess up in financial filings Google's parent has been hit with a lawsuit for failing to disclose to investors a bug – secretly fixed in March – that could have exposed half a million users' data.…
A Cybersecurity Weak Link: Linux and IoT
2 days agoLinux powers many of the IoT devices on which we've come to rely -- something that enterprises must address.
Anthem, Apple and the Pentagon: A Data-Breach Cornucopia
2 days agoA record fine and two new compromises kick off the autumn compromise season.
INFILTRATE 2019
2 days agoPosted by Dave Aitel on Oct 16Brainspace multi-language dogs vs cats video:https://vimeo.com/2
95031710/cab5239619
Explo
iting branch target prediction, Jann Horn, INFILTRATE 2018https://vimeo.com/270
442911
So I wanted to point people at the above videos to ...
In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack
2 days agoThe Emotet Trojan is behind a crippling ransomware attack that hit the Onslow Water and Sewer Authority.
NC Water Utility Fights Post-Hurricane Ransomware
2 days agoNorth Carolina's Onslow Water and Sewer Authority was hit with an advanced attack in the wake of Hurricane Florence.
Rapid7 Acquires tCell
2 days agoThe purchase brings together a cloud security platform with a web application firewall.
Medical device maker Medtronic finally fixes its hackable pacemaker
2 days agoMedtronic, a maker of medical devices and implants, has pulled the plug on its internet-based software update system, which security researchers had found had a dangerous security vulnerability The company said in a notice this week that it’s switching ...
Facebook rolls out checks for UK political ads
2 days agoFacebook has announced it rolled out a system of checks on political ads run on its platform in the UK which requires advertisers to verify their identity and location to try to make it harder for foreign actors to meddle in domestic elections and refere ...
ThreatList: Half of Execs Feel Unprepared to Respond to a Cyber-Incident
2 days agoDeloitte estimates cybercrime costs to reach $6 trillion annually -- but companies still lag in preparedness.
Facebook Expands Efforts to Squash Voter Suppression
2 days agoThe social network will crack down on those spreading disinformation in an effort to keep people away from the polls.
6 Reasons Why Employees Violate Security Policies
2 days agoGet into their heads to find out why they're flouting your corporate cybersecurity rules.
Privacy Regulation Could Be a Test for States’ Rights
2 days agoAs more states take cybersecurity and privacy issues into their own hands, experts worry that big tech will push for preemption.
UK's National Cyber Security Centre gives itself big ol' pat on the back in annual review
2 days agoNixing 139k phishing sites is pretty good going to be fair Despite companies "hanging up" when GCHQ rings them to say they've been hacked (true story), "the UK has avoided a category 1 [infosec incident]", according to National Cyber Security Centre chief ...
Spies Among Us: Tracking, IoT & the Truly Inside Threat
2 days agoIn today's ultra-connected world, it's important for users to understand how to safeguard security while browsing the web and using electronic devices.
Zero-days, fileless attacks are now the most dangerous threats to the enterprise
2 days agoThese attacks cost the average organization millions and SMBs are the worst affected.
Microsoft Co-Founder Paul Allen Dies At 65
2 days ago
6 Reasons Why Employees Violate Security Policies
2 days agoGet into their heads to find out why they're flouting your corporate cybersecurity rules.
6 Reasons Why Employees Violate Security Policies
2 days agoGet into their heads to find out why they're flouting your corporate cybersecurity rules.
Epson reported to Texas AG for bricking third-party ink cartridges
2 days agoEFF argues Epson's practice is making users avoid installing firmware updates, leaving millions of printers and companies vulnerable to cyber attacks.
GPU-Z now warns users if they have purchased fake Nvidia graphics cards
2 days agoAs the demand for high-power graphics cards continues to surge, some sellers are seeking to cash in on Nvidia's name.
Tech-support scams: Microsoft reveals that fraudsters are still fooling too many people
2 days agoMore people are wary of unsolicited contact from tech firms but tens of thousands still fall victim.
Anthem agrees to pay $16 million in data breach privacy settlement
2 days agoThe insurer will shell out to settle a privacy violations case issued by the US government.
Privacy for Tigers
2 days agoRoss Anderson has some new work: As mobile phone masts went up across the world's jungles, savannas and mountains, so did poaching. Wildlife crime syndicates can not only coordinate better but can mine growing public data sets, often of geotagged images. ...
Temasek snaps up Sygnia, founded by Israel's NSA, in $250m deal
2 days agoThe cybersecurity consulting firm was created by former members of Israel's 8200 unit.
Hackers tamper with exploit chain to drop Agent Tesla, circumvent antivirus solutions
2 days agoA new campaign is spreading information-stealing malware including Agent Tesla and Loki.
CIA, NSA and the Pentagon still aren’t using a basic email security feature
2 days agoSome of the most sensitive U.S. government departments and agencies still aren’t using a basic email security feature that would significantly cut down on incoming spam or phishing emails. Fifteen percent of all U.S. government domains still aren’t em ...
Visa to stop online stores from holding credit card numbers
2 days agoMerchants to be issued with tokens to thwart breaches.
Hostile states will attempt deadly cyber attacks on UK, warns NCSC
2 days agoThe UK has faced hundreds of cyber incidents in the past two years, but the biggest test is probably still to come.
Major browsers simultaneously drop support for old security standards
2 days agoPosted by InfoSec News on Oct 16https://techcrunch.com/
2018/10/15/major-browsers
-simultaneously-drop-supp
ort-for-old-security-stan
dards/
By Devin Coldewey
Techcrunch.com
O
ct 15, 2018
Firefox, Chrome, Edge, Internet Explorer and Safari are all dropping
su ...
IBM brings artificial intelligence to the heart of cybersecurity strategies
2 days agoPosted by InfoSec News on Oct 16https://www.zdnet.com/a
rticle/why-artificial-int
elligence-is-at-the-core-
of-ibm-cybersecurity-stra
tegies/
By Charlie Osborne
Zero Day
ZDNet
October 15, 2018
IBM has launched IBM Security Connect, a new platform designed to ...
Insurer Anthem will pay record $16M for massive data breach
2 days agoPosted by InfoSec News on Oct 16https://chicago.suntime
s.com/news/insurer-anthem
-will-pay-record-16m-for-
massive-data-breach/
By Ricardo Alonso-Zaldivar
Associate
d Press
10/15/2018
WASHINGT
ON -- The nation's second-largest health insurer has agreed to pay ...
Debunking the cybersecurity thought that humans are the weakest link
2 days agoPosted by InfoSec News on Oct 16https://www.healthcarei
tnews.com/news/debunking-
cybersecurity-thought-hum
ans-are-weakest-link
By Tom Sullivan
Healthcare IT News
October 15, 2018
BOSTON - The time has come to move beyond the security mantra "don't click
o ...
Coast Guard Academy Launches New Cyber Systems Major, $1.3M Cyber Lab
2 days agoPosted by InfoSec News on Oct 16https://www.nbcconnecti
cut.com/news/local/Coast-
Guard-Academy-Launches-Cy
ber-Systems-Major-13M-Cyb
er-Lab-497289001.html
By Heather Burian
nbcconnecticut.com
Oct 12, 2018
A brand-new cyber lab at the Coast Guard Academy in N ...
Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019
2 days agoIE, Edge, Safari, Firefox, Chrome, all planning to deprecate lousy old versions by 2020 Sysadmins and netizens, it's time to get serious about killing off old, buggy and insecure versions of Transport Layer Security (TLS) – the encryption used to secure ...
Line lists cryptocurrency on Bitbox exchange
2 days agoJapanese tech vendor puts its digital token Link on its recently launched exchange Bitbox, making it available for trade with three cryptocurrencies: Bitcoin, Ethereum, and Tether.
Czech intelligence service shuts down Hezbollah hacking operation
2 days agoHezbollah agents used Facebook profiles for attractive women to trick targets into installing spyware-infected apps.
US senators reportedly warn Trudeau to ban Huawei on 5G
2 days agoCanadian Prime Minister Justin Trudeau has reportedly been warned by two US senators to exclude Huawei from taking part in nationwide 5G mobile network deployments.
IBM puts tactical cybersecurity centre into a truck
3 days agoTakes training and response rig on the road.
Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing
3 days agoDonald Daters application more insecure than the president A much-hyped dating site for Donald Trump supporters in the US is being blasted for shoddy security that may have exposed all of its users to eavesdropping and account theft.…
Donald Daters, a dating app for Trump supporters, leaked its users’ data
3 days agoA new dating app for Trump supporters that wants to “make America date again” has leaked its entire database of users — on the day of its launch. The app, called “Donald Daters,” is aimed at “American-based singles community connecting lovers, ...
Hunt for Red Bugtober: US military's weapon systems riddled with security holes – auditors
3 days agoDeath from a-bug. Dr Strange-bug. Top Bug. We could do this all day... Computer security vulnerabilities are widespread in US military hardware, and the Pentagon is only beginning to understand how to fix them.…
6 Security Trends for 2018/2019
3 days agoSpeaking at the Gartner Symposium/ITxpo, analyst Peter Firstbrook's list of trends is likely to inform executive committee conversations for the next 12 months.
Ahead of midterm elections, Facebook expands ban on posts aimed at voter suppression
3 days agoFacebook is expanding its ban on false and misleading posts that aim to deter citizens from voting in the upcoming midterm elections. The social media giant is adding two more categories of false information to its existing policy, which it introduced i ...
IBM Builds 'SOC on Wheels' to Drive Cybersecurity Training
3 days agoA tractor trailer housing a Cyber Tactical Operation Center will travel throughout the US and Europe for incident response training, security support, and education.
Major browsers simultaneously drop support for old security standards
3 days agoFirefox, Chrome, Edge, Internet Explorer, and Safari are all dropping support for older versions of the the online security protocol TLS, used in practically any encrypted exchange online. While few people or machines are using the long-unsafe TLS 1.0 and ...
Mozilla warns decryption laws will break open source
3 days agoAnd cause users to distrust automatic updates.
Millions of Voter Records Found for Sale on the Dark Web
3 days agoVoter registration databases from 19 US states are being hawked in an underground hacking forum, researchers say.
Rivals ARM and Intel team to secure Internet of Things
3 days agoCross-platform manageability should mean more thing updates, more often.
Up to 35 Million 2018 Voter Records For Sale on Hacking Forum
3 days agoJust weeks before the midterms, voter information from 19 states has turned up on the Dark Web.
IBM brings artificial intelligence to the heart of cybersecurity strategies
3 days agoIBM hopes to bring AI, data, and cybersecurity vendors together to tackle ongoing and new threats through the launch of a new open platform.
IBM launches IBM AI OpenScale to combat AI sprawl as part of broad open strategy
3 days agoIBM AI OpenScale, Multi-cloud Manager and IBM Security Connect equate to a strategic push by Big Blue to be the agnostic integrator and platform provider for key enterprise technologies.