security.didici.cc

Turnbull opens Australian Cyber Security Centre HQ

3 hours ago

The federal government said the new headquarters of Australia's cybersecurity centre will be a central hub for cybersecurity information, advice, and assistance to all Australians.

Brazilian president signs data protection bill

4 hours ago

The new rules will be enforced in 18 months, when public and private sector organizations collecting data should be fully compliant.

Australian Cyber Security Centre finally gets its own office

4 hours ago

New threat and advice website cyber.gov.au created.

Mozilla-endorsed security plug-in accused of tracking users

6 hours ago

Web Security says there's nothing nefarious to its URL collection A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity.…

Making money mining Coinhive? Yeah, you and nine other people

6 hours ago

10 users controlling the bulk of cryptocoin generator funds Mining internet currency on websites with Coinhive scripts is a lucrative endeavor, but only for a handful of people.…

Intel Reveals New Spectre-Like Vulnerability

7 hours ago

A new side-channel speculative execution vulnerability takes aim at a different part of the CPU architecture than similar vulnerabilities that came before it.

Miller & Valasek: Security Stakes Higher for Autonomous Vehicles

9 hours ago

Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.

Britain's biggest banks report 64 payment outages in last 3 months

9 hours ago

Security or operational incidents cut customers off.

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

9 hours ago

The tricky Cortana flaw, CVE-2018-8253, was addressed by Microsoft during Patch Tuesday.

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

9 hours ago

In testing, an Internet of Things (IoT) botnet of large, power-consuming appliances was used to carry out coordinated attacks on the energy grid.

2018 Pwnie Awards: Who Pwned, Who Got Pwned

10 hours ago

A team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.

India's Cosmos bank raided for $13m by hackers

10 hours ago

Report points finger at North Korea for cyber-heist Cosmos Bank in India says that hackers made off with $13.4m in stolen funds over the weekend.…

Support for ageing key exchange crypto leaves VPNs open to attack

10 hours ago

Ancient issue causing new ones Security gaps have been identified in widely used implementations of the IPsec protocol, which is used in the set up of Virtual Private Networks (VPNs).…

Bitcoin backer sues AT&T for $240m over stolen cryptocurrency

11 hours ago

Michael Terpin not happy about funds-draining SIM swap fraud A bitcoin investor is suing AT&T for $240m after it allegedly ported his phone number to a hacker, allowing the criminal to steal $24m in cryptocurrency.…

Alibaba takes more cloud products global, eyes APAC growth

11 hours ago

Chinese internet giant talks up new product releases such as Anti-Bot Service and its datacentre footprint in Asia-Pacific as key differentiators against cloud rivals, Amazon Web Services and Google.

Before taking that DNA test: Six things you need to know

13 hours ago

As DNA testing becomes more common, more and more of us are spitting saliva. But what exactly is a DNA test? How does it work? What are the implications? We try to answer these questions here.

Digital risk protection in 2018: New vendors, new leaders, new wave

13 hours ago

Here are the capabilities that security and risk professionals should prioritize when selecting a Digital Risk Protection solution.

Gartner Says IT Security Spending to Hit $124B in 2019

13 hours ago

Global IT security spending will grow 12.4% in 2018 and another 8.7% in 2019.

Office 365 Phishing Campaign Hides Malicious URLs in SharePoint Files

14 hours ago

Researchers say the "PhishPoint" tactic has already impacted 10 percent of Office 365 users globally.

Former Microsoft engineer sent behind bars for role in ransomware extortion scheme

14 hours ago

The engineer was neck-deep in laundering proceeds from Reveton ransomware victims.

Instagram Hack: Hundreds Affected, Russia Suspected

15 hours ago

Affected users report the email addresses linked to their Instagram accounts were changed to .ru domains.

New PHP Exploit Chain Highlights Dangers of Deserialization

15 hours ago

PHP unserialization can be triggered by other vulnerabilities previously considered low-risk.

Open Source Software Poses a Real Security Threat

15 hours ago

It's true that open source software has many benefits, but it also has weak points. These four practical steps can help your company stay safer.

RunSafe could eliminate an entire class of infrastructure malware attacks

15 hours ago

RunSafe, a Mclean Virginia startup, got started doing research for DARPA on how to defend critical infrastructure. They built a commercial product based on that initial research that they claim eliminates an entire class of attacks. Today, the company rel ...

ThreatList: Financial-Themed Phishing Lures Sink Hooks into Targets in Q2

17 hours ago

In addition to traditional phishing, fraudulent cryptocurrency offers is a rising trend.

Twistlock snares $33 million Series C investment to secure cloud native environments

17 hours ago

As the world shifts to a cloud native approach, the way you secure applications as they get deployed is changing too. Twistlock, a company built from the ground up to secure cloud native environments, announced a $33 million Series C round today led by Ic ...

Adobe fixes critical code execution flaws in latest patch update

17 hours ago

Two vulnerabilities in Acrobat and Reader are considered critical.

​Microsoft: Here's how to limit 'Foreshadow' attack impact

18 hours ago

Windows Server admins using Hyper-V have some complicated choices to make about how best to mitigate Foreshadow on Intel hardware.

Baddies of the internet: It's all about dodgy mobile apps, they're so hot right now

18 hours ago

Report fingers online fraudsters' current habits Rogue mobile apps have become the most common fraud attack vector, according to the latest quarterly edition of RSA Security's global fraud report.…

Cryptojacking attacks: One in three organisations say they've been hit with mining malware

19 hours ago

Cryptocurrency-generating malware has been on a rampage this year - but some organisations still haven't done much to defend against it.

Hacking Police Bodycams

19 hours ago

Suprising no one, the security of police bodycams is terrible. Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then, when th ...

Podcast: Bugcrowd Founder on Printer Bugs, IoT Bounty Hunting, and New VDP Project

19 hours ago

Bugcrowd's CTO and founder Casey Ellis talked to Threatpost about the recently launched HP printer bug bounty program.

Foreshadow and Intel SGX software attestation: 'The whole trust model collapses'

20 hours ago

El Reg talks to Dr Yuval Yarom about Intel's memory leaking catastrophe Interview  In the wake of yet another collection of Intel bugs, The Register had the chance to speak to Foreshadow co-discoverer and University of Adelaide and Data61 researcher Dr Y ...

Microsoft Patch Tuesday: 60 vulnerabilities resolved including two active exploits

20 hours ago

A total of 19 vulnerabilities are deemed critical, including two zero-day flaws being actively used in the wild.

Criminals a bit less interested in nicking Brits' identities this year

21 hours ago

ID fraud drops to four-year low New figures reveal UK identity fraud dropped during the first six months of 2018 to reach a four-year low.…

Instagram hack is locking hundreds of users out of their accounts

23 hours ago

Recovery options are being changed to .ru addresses by an unknown threat actor.

Huawei Australia: 'No urgency' on government's 5G decision

23 hours ago

Despite all the hype and expectations surrounding 5G, Huawei has said there is no urgency on waiting for the Australian government's decision, because the technology will evolve slowly.

Florida Man laundered money for Reveton ransomware. Then Microsoft hired him

1 day ago

Former network engineer gets 18 months in the clink A former Microsoft network engineer will be spending a sojourn behind bars after pleading guilty to conspiracy to commit money laundering.…

Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed

1 day ago

Summertiiiiiime, and the hacking is easy Microsoft and Adobe have teamed up to deliver more than 70 patches with this month's Patch Tuesday batch released today.…

IAG open sources AWS frameworks

1 day ago

Keeps baking security into code creation for cloud.

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

1 day ago

Microsoft rolled out 60 patches for its Patch Tuesday release, impacting 19 critical flaws and 39 important flaws.

Intel discloses three more chip flaws

1 day ago

Core and Xeon affected.

Victims Lose Access to Thousands of Photos as Instagram Hack Spreads

1 day ago

In a probable quest to build a botnet, someone is hacking Instagram accounts, deleting handles, avatars and personal details, and linking them to a new email address.

PTC courts security researchers to find IoT vulnerabilities

1 day ago

PTC adopts a shared responsibility model to security as it aims to shore up its ThingWorx ecosystem and court researchers looking into IoT.

Oracle: Apply Out-of-Band Patch for Database Flaw ASAP

1 day ago

Flaw in the Java VM component of Oracle's Database Server is easily exploitable, security experts warn.

​Beyond Spectre: Foreshadow, a new Intel security problem

1 day ago

Researchers have broken Intel's Software Guard Extensions, System Management Mode, and x86-based virtual machines.

Hackers manage – just – to turn Amazon Echo into listening device

1 day ago

But it requires custom hardware, firmware and access to your Wi-Fi DEF CON  Hackers have managed to hack Amazon's Echo digital assistant and effectively turn it into a listening device, albeit through a complex and hard-to-reproduce approach.…

Intel CPUs Undermined By Fresh Speculative Execution Flaws

1 day ago

'Foreshadow" and other vulnerabilities in Intel processors can be exploited to steal sensitive information stored inside personal computers or personal clouds.

Election Websites, Backend Systems Most at Risk of Cyberattack in Midterms

1 day ago

Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.

Election Websites, Backend Systems Most at Risk of Cyberattack in Midterms

1 day ago

Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.

Oracle: Run, don't walk, to patch this critical Database takeover bug

1 day ago

Flaw in House Larry's flagship product allows 'complete compromise' of servers Oracle is advising customers to update their database software following the discovery and disclosure of a critical remote code execution vulnerability.…

Flaws in Mobile Point of Sale Readers Displayed at Black Hat

1 day ago

While security is high overall for mPOS tools from companies like Square, PayPal, and iZettle, some devices have vulnerabilities that attackers could exploit to gather data and cash.

Microsoft ADFS Vulnerability Lets Attackers Bypass MFA

1 day ago

The flaw lets an attacker use the same second factor to bypass multifactor authentication for any account on the same ADFS service.

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

1 day ago

This is similar to taking a room key for a building and turning it into a skeleton key that works on every door in the building.

Google Services Track User Movements In Privacy Faux Pas

1 day ago

A recent report found that Google services - with functions like checking maps, the weather, and search - are tracking users even when they deny permission.

Three more data-leaking security holes found in Intel chips as designers swap security for speed

1 day ago

Apps, kernels, virtual machines, SGX, SMM at risk from attack Intel will today disclose three more vulnerabilities in its processors that can be exploited by malware and malicious virtual machines to potentially steal secret information from computer memo ...

Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw

1 day ago

The attack targets IKE’s handshake implementation used for IPsec-based VPN connections, opening the door for MiTM attacks or for bad actors to access data carried in VPN sessions.

​Web security gets a boost as TLS gets major overhaul

1 day ago

Expect wide and fast adoption of the latest web encryption protocol after engineers finalise Transport Layer Security (TLS) version 1.3.

CVE? Nope. NVD? Nope. Serious must-patch type flaws skipping mainstream vuln lists – report

1 day ago

Infosec firm fingers 'decentralised' reporting The first half of 2018 saw a record haul of reported software vulnerabilities yet a high proportion of these won’t appear in any mainstream flaw-tracking lists, researcher Risk Based Security (RBS) has clai ...

Washington Man Sentenced in Ransomware Conspiracy

1 day ago

A guilty plea brings 18-month sentence on money laundering charges.

'Election Protection' Aims to Secure Candidates Running for Office

1 day ago

The kit is designed to prevent credential theft targeting people running for federal, state, and local elected offices.

Equifax Avoided Fines, but What If ...?

1 day ago

Let's imagine the consequences the company would have faced if current laws had been on the books earlier.

Adobe Patch Tuesday: Fixes for Critical Acrobat and Reader Flaws

1 day ago

Adobe's August Patch Tuesday release impacts Flash Player, and Acrobat DC and Reader.

Sonatype offers developers free security scan tool on GitHub

1 day ago

Sonatype helps enterprises identify and remediate vulnerabilities in open source library dependencies and release more secure code. Today, they announced a free tool called DepShield that offers a basic level of protection for GitHub developers. The produ ...

Cybersecurity startup Exabeam raises $50 million Series D

1 day ago

Exabeam uses data and AI to detect and respond to cyber threats.

Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises

1 day ago

Armis' CTO discusses the top IoT security issues in the marketplace today - and whether device manufacturers will start to prioritize security.

ThreatList: Almost All Security Pros Believe Election Systems Are at Risk

1 day ago

Respondents in a survey from Venafi said they believe voting machines, encrypted communications from polling stations and databases that store voter registration data are all vulnerable.

New ransomware arrives with a hidden feature that hints at more sophisticated attacks to come

1 day ago

New form of file-locking ransomware has a 'manual' option for more sophisticated attacks.

Google Tracks its Users Even if They Opt-Out of Tracking

1 day ago

Google is tracking you, even if you turn off tracking: Google says that will prevent the company from remembering where you've been. Google's support page on the subject states: "You can turn off Location History at any time. With Location History off, t ...

​Cisco patches router OS against new crypto attack on business VPNs

1 day ago

New attack threatens enterprise VPN and could enable target networks to be impersonated or allow a man-in-the-middle attack.

Podcast: Black Hat and DEF CON 2018 Wrap

1 day ago

The Threatpost team debriefs on the top news and topics from last week's Black Hat and DEF CON conferences.

Hackers can infiltrate police body cameras to tamper with evidence

1 day ago

It is possible that crucial recordings could be modified or deleted due to vulnerabilities in body cam software.

Man-in-the-Disk attacks take advantage of Android storage systems

1 day ago

The novel attack technique relies on Android developers which use lazy storage protocols.

Faxploit: Retro hacking of fax machines can spread malware

1 day ago

20th Century tech causing problems in the 21st Video  Corporations are open to hacking via a booby-trapped image data sent by fax, a hacker demo at DEF CON suggests.…

Cisco patches IOS in response to boffins' IKE-busting breakthrough

2 days ago

Switchzilla issues update for authentication bypass flaw Cisco has pushed out an update for its internetwork operating system (IOS) and IOS XE firmware in advance of a Usenix presentation on circumventing cryptographic key protocol.…

No backdoors for Australian encryption, just a riddling of ratholes

2 days ago

Draft legislation intended to give cops and spooks access to encrypted communications should keep encryption strong. But the powers it proposes aren't just about fighting paedophiles, terrorists, and organised criminals.

​Labor promises inquiry into My Health Record

2 days ago

Concerned mainly with the opt-out element of the contentious My Health Record, the federal opposition has said it will lead a 'comprehensive' Senate inquiry into the government initiative.

Intel finally emits Puma 1Gbps modem fixes – just as new ping-of-death bug emerges

2 days ago

Network-throttling modem bug finally gets a write-up and CVE More than 18 months after the issue was first brought to light, Intel is still working to fix the problems caused by its buggy Puma modem chipsets.…

Banks warned of global ATM cash-out campaign

2 days ago

Attack of the cloned cards.

Hacker Unlocks 'God Mode' and Shares the 'Key'

2 days ago

A researcher proves that it's possible to break the most fundamental security on some CPUs.

It's official: TLS 1.3 approved as standard while spies weep

2 days ago

Now all you lot have to actually implement it An overhaul of a critical internet security protocol has been completed, with TLS 1.3 becoming an official standard late last week.…

​Canberra gives 'decryption' another crack with draft legislation

2 days ago

The Australian government is still committed to 'no backdoors', publishing draft legislation that will force internet companies to assist law enforcement in decrypting messages sent with end-to-end encryption.

Govt finally reveals how it plans to target encryption

2 days ago

Can compel providers to build own tools, but not use vulnerabilities.

Social Engineers Show Off Their Tricks

2 days ago

Experts in deception shared tricks of the trade and showed their skills at Black Hat and DEF CON 2018.

Vulnerability Disclosures in 2018 So Far Outpacing Previous Years'

2 days ago

Nearly 17% of 10,644 vulnerabilities disclosed so far this year have been critical, according to new report from Risk Based Security.

Identifying Programmers by their Coding Style

2 days ago

Fascinating research de-anonymizing code -- from either source code or compiled code: Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor a ...

'Hack the Marine Corps' Bug Bounty Event Held in Vegas

2 days ago

$80K in payouts went to hand-picked hackers in nine-hour event during DEF CON in Las Vegas.

Hammerhead repost for Halvar

2 days ago

Posted by Dave Aitel on Aug 13From:https://web.archiv
e.org/web/20040131120103/
http://www.immunitysec.co
m:8010/29/2002 - Fishing for Obscurity Some sharks and fish have a unique sixth sense – they can generate and detect electrical fields, even minute on ...

New Variant of KeyPass Ransomware Discovered

2 days ago

Samples of the malware have been found in an array of countries, including Brazil and Vietnam.

Voting Village at Defcon

2 days ago

Posted by Dave Aitel on Aug 13https://www.usatoday.co
m/story/tech/nation-now/2
018/08/13/11-year-old-hac
ks-replica-florida-electi
on-site-changes-results/9
75121002/ So I don't know a ton about the details of voting machines, but I'm pretty sure what happene ...

Firefox now supports the newest internet security protocol

2 days ago

Last Friday, the Internet Engineering Task Force released the final version of TLS 1.3. This is a major update to TLS 1.2, the security protocol that secures much of the web by, among other things, providing the layer that handles the encryption of every ...

Nigerian National Convicted for Phishing US Universities

2 days ago

Olayinka Olaniyi and his co-conspirator targeted the University of Virginia, Georgia Tech, and other educational institutions.

Black Hat 2018: IoT Security Issues Will Lead to Legal ‘Feeding Frenzy’

2 days ago

A "wave of litigation over IoT liability is on the horizon," according to an attorney who has represented plaintiffs in the 2015 Jeep hack.

GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig

2 days ago

Configuration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets.

DEF CON 2018: ‘Man in the Disk’ Attack Surface Affects All Android Phones

2 days ago

Sloppy Android developers not following security guidelines for external storage opens the door to device takeover and more.

PCs still infected with Andromeda botnet malware, despite takedown

2 days ago

One of the largest botnets was taken out by the authorities last year - but large numbers of PCs remain infected.

FBI Warns of Cyber Extortion Scam

2 days ago

Spear-phishing techniques are breathing new life into an old scam.

Security researchers found a way to hack into the Amazon Echo

2 days ago

Hackers at DefCon have exposed new security concerns around smart speakers. Tencent’s Wu HuiYu and Qian Wenxiang spoke at the security conference with a presentation called Breaking Smart Speakers: We are Listening to You, explaining how they hacked int ...

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

2 days ago

Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.

US voting systems: Full of holes, loaded with pop music, and hacked in 10 min by an 11-year-old

2 days ago

Good luck voting in November, folks in US, you're going to need it DEF CON  Hackers of all ages have been investigating America’s voting machine tech and the results aren’t good - one enterprising 11 year-old named Emmet managed to hack a simulated S ...

The Data Security Landscape Is Shifting: Is Your Company Prepared?

2 days ago

New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.

The future of IoT? State-sponsored attacks, say security professionals

2 days ago

IT security professionals believe that nation states will begin to exploit smart, connected devices in the next 12 months.

DEF CON 2018: Voting Hacks Prompt Push Back from Election Officials, Vendors

2 days ago

The Vote Hacking Village invited attendees – including kids as young as six – to hack the voting infrastructure, including ballot machines, a voter database and more.

Criminal justice software code could send you to jail and there’s nothing you can do about it

2 days ago

Trade secrets are trumping personal liberty DEF CON  American police and the judiciary are increasingly relying on software to catch, prosecute and sentence criminal suspects, but the code is untested, unavailable to suspects' defense teams, and in some ...

Apple macOS vulnerability paves the way for system compromise with a single click

2 days ago

Tampering with two lines of code unveiled a serious bug which could lead to full system compromise.

​Cybercrime: Why can't the Middle East get to grips with the threats?

2 days ago

The region's been investing heavily in tackling cybercrime but remains disproportionately affected.

Prank 'Give me a raise!' email nearly lands sysadmin with dismissal

2 days ago

Staffer learns hard way: boss jokes don't mix well with infosec demos Who, Me?  Welcome again to Who, Me?, where we invite Reg readers to begin the week crossing their fingers it will be better than those of our featured techies.…

25 Android smartphone models contain severe vulnerabilities off the shelf

2 days ago

Researchers say that the swathe of bugs impacts major vendors.

Former NSA top hacker names the filthy four of nation-state hacking

2 days ago

Carefully omits to mention the Land of the Free DEF CON  Rob Joyce, the former head of the NSA’s Tailored Access Operations hacking team, has spilled the beans on which nations are getting up to mischief online.…

UK cyber cops: Infosec pros could help us divert teens from 'dark side'

2 days ago

Police seek mentor-like techies to help talented kids UK police are looking to cybersecurity firms to help implement a strategy of steering youngsters away from a life in online crime.…

Flaws in ACT election systems could reveal voters' votes

2 days ago

Accurate timing data about votes, and the order in which they're cast, can be enough to reveal individual voters' secret ballots.

DEF CON 2018: Critical Bug Opens Millions of HP OfficeJet Printers to Attack

3 days ago

A malicious fax sent to an HP Inc. OfficeJet all-in-one inkjet printer can give hackers control of the printer and act as a springboard into an attached network environment.

Hackers can steal data from the enterprise using only a fax number

3 days ago

Fax machines are still widely used by businesses and a communications protocol vulnerability is leaving them exposed to cyberattacks.

Microsoft mulls software isolation chambers for Win10 Enterprise

3 days ago

"InPrivate Desktop" mode to ensure unexpected code can't touch OS.

DEF CON 2018: Apple 0-Day (Re)Opens Door to ‘Synthetic’ Mouse-Click Attack

3 days ago

Apple 0-Day allows hackers to mimic mouse-clicks for kernel access, despite mitigations.

DEF CON 2018: Hacking Medical Protocols to Change Vital Signs

4 days ago

LAS VEGAS – In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other g ...

DEF CON 2018: Telltale URLs Leak PII to Dozens of Third Parties

4 days ago

Analytics, advertising and other web scripts can capture information housed in user confirmations for flight bookings, food delivery, medical testing and more.

Snap code snatched, Pentagon bans bands, pacemakers cracked, etc

4 days ago

New zero-day vendor opens up shop, and more in infosec this week Roundup  This week, the infosec world descended on Las Vegas for BlackHat and DEF CON to share stories of bug hunting, malware neural nets, hefty payout offers, and more.…

Vulnerable Smart City Devices Can Be Exploited To Cause Panic, Chaos

5 days ago

False alerts about floods, radiation levels are just some of the ways attackers can abuse weakly protected IoT devices, researchers warn.

Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures

5 days ago

Interesting video of a robot grabber that's delicate enough to capture squid (and even jellyfish) in the ocean. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guide ...

The off-brand 'military-grade'
; x86 processors, in the library, with the root-granting backdoor

5 days ago

Dive into a weird and wonderful 'feature' of Via's embedded hardware chips Black Hat  A forgotten family of x86-compatible processors still used in specialist hardware, and touted for "military-grade security features," has a backdoor that malware and ro ...

Chris Valasek and Charlie Miller: How to Secure Autonomous Vehicles

5 days ago

Famous car hackers Chris Valasek and Charlie Miller returned to Black Hat to discuss how manufacturers can secure autonomous vehicles.

NSA Brings Nation-State Details to DEF CON

5 days ago

Thousands of hackers were eager to hear the latest from the world of nation-state cybersecurity.

Federacy wants to put bug bounty programs in reach of every startup

5 days ago

Federacy, a member of the Y Combinator Summer 2018 class, has a mission to make bug bounty programs available to even the smallest startup. Traditionally, bug bounty programs from players like BugCrowd and HackerOne have been geared toward larger organiza ...

xkcd on Voting Computers

5 days ago

Funny and true.

Facebook now requiring Pages with large US audiences to go through additional authorization

5 days ago

Facebook today announced it’s implementing a new measure to secure Facebook Pages with large U.S. followings in order to make it harder for people to administer a Page using a “fake or compromised account.” Beginning with those that have large U.S. ...

Flying drones near wildfires could kill people: Don't do it

5 days ago

The bottom line is simple: Flying a drone near a wildfire could cause catastrophic damage. Don't do it.

Black Hat 2018: Voice Authentication is Broken, Researchers Say

5 days ago

Researchers crack voice authentication systems by recreating any voice using under ten minutes of sample audio.

The Enigma of AI & Cybersecurity

5 days ago

We've only seen the beginning of what artificial intelligence can do for information security.

Hi-de-Hack! Redcoats red-faced as Butlin's holiday camp admits data breach hit 34,000

5 days ago

Staff opened phishing email Holiday camp and British institution Butlin's has admitted 34,000 visitor records have been compromised.…