Security

After two years of investigating, yesterday Robert S. Mueller III finally released his investigation, Report on the Investigation into Russian Interference in the 2016 Presidential Election. The 448-page report looks into Russian interference specifically but also into any individuals in the US that may have been involved. Appointed in May 2017 as Special Counsel to the
A security researcher identified eight unsecured databases that held “approximately 60 million records of LinkedIn user information.” GDI Foundation, where the security researcher is from, is a nonprofit organization with a mission to “defend the free and open Internet by trying to make it safer.” The researcher, Sanyam Jain, contacted Bleeping Computer when he noticed “something
The government department that is responsible for implementing the General Data Protection Regulation (GDPR) has committed an email faux pas with UK journalists which could also mean it has broken its own rules. Flagged by Guardian journalist Alex Hern on Twitter, the email was regarding its announcement on age verification rules on online pornography. Hern tweeted:
by Paul Ducklin In this episode, the Naked Security podcast tells you how to make your web signup forms safer [02’52”], explains how Android phones can be used as security tokens [08’13”], and looks into a Facebook “hidden message” that escaped into the wild [14’04”]. With Anna Brading, Paul Ducklin and Matthew Boddy. This week’s links: Serious Security:
Matrix users are encouraged to change their passwords after an unauthorized actor gained access to the servers hosting Matrix.org. Those using IRC bridging are also encouraged to change their NickServ passwords. An open network for secure, interoperable, decentralized, real-time communication over IP, Matrix is used across instant messaging, VoIP/WebRTC signaling and internet of things (IoT)
Email automation and delivery service Mailgun announced that it has resolved a security incident that resulted from a massive coordinated attack against WordPress sites. “The mailgun.com webpage began issuing redirects to sites outside of our domain. We immediately launched an incident to determine the source of the redirects and determined that a plugin for WordPress
Researchers at GreatHorn have identified what they are calling a widespread attack in which attackers spoofed both the Microsoft brand in the display name and the Barracuda Networks brand in the return path and received headers, with the goal of stealing credentials. The team identified an attack notable in that the return path spoofs a
by Paul Ducklin Julian Assange, founder of whistleblowing organisation WikiLeaks (or co-founder, depending on whom you ask), and arguably Ecuador’s most famous Londoner (or infamous, depending on whom you ask), is in custody following his arrest yesterday. Assange rose to fame by leaking secret government documents that the WikiLeaks organisation acquired from a wide
Kicking off the second day of the ISC West 2019 conference in Las Vegas, keynote speaker Russ Butler, VP of security for the San Francisco 49ers and Levi’s Stadium, talked about the evolution of the ever-changing stadium security landscape in his talk, “Stadium Security: As It Was, Where It Is and Where It Is Going.” Butler
Advances in machine learning and artificial intelligence (AI) are driving investments from the Department of Homeland Security (DHS) science and technology directorate (S&T) with the goal of enhancing security and resiliency in public safety, transportation and communications, according to William N. Bryan, acting under secretary of S&T, who delivered the opening-day keynote speech at the
Researchers suspect that a new stealer malware dubbed Baldr, first detected in January, has incorporated three known threat actors, according to Malwarebytes. In today’s blog post, researchers said that Baldr has earned positive reviews on Russian hacking forums for its use of three threat actors: Agressor for distribution, Overdot for sales and promotion and LordOdin for development.
With the use of deep learning, researchers Yisroel Mirsky, Tom Mahler, Ilan Shelef and Yuval Elovici at Cyber Security Labs at Ben-Gurion University demonstrated in a video proof of concept (PoC) that an attacker could fool three expert radiologists by falsifying CT scans, inserting or removing lung cancer, the Washington Post reported. “In 2018, clinics and
Regulators in Australia are cracking down on social media sites in the aftermath of the deadly shooting at two mosques in Christchurch that killed 50 people, according to Reuters. The Criminal Code Amendment (Sharing of Abhorrent Violent Material) Act 2019 would prohibit social media sites and internet or hosting services from allowing “abhorrent violent material.” Such material would
by Lisa Vaas Should you “share, share, share” the “urgent warning” that hackers are “posting sexual videos and pictures on your walls” that are completely invisible to you? No, you should not sharedy-sharedy-SHARE-share-share, because this latest viral Facebook copy-and-paste-me warning is just another social media sneeze, spreading its hoaxy germs in spite of the fact
Researchers at Cisco Talos detected in excess of 70 Facebook groups that have been selling black-market cyber-fraud services, some of which have managed to remain on Facebook for up to eight years, according to a Talos Intelligence blog post. For several months, researchers have been investigating online criminal flea markets on Facebook, discovering a collective