It sometimes feels like the price of Bitcoin rises and falls on the turn of a speculative dime, and yesterday we saw one such moment come to pass, when it was reported that Goldman Sachs was planning to drop a plan to build a Bitcoin trading platform, causing the price of the cryptocurrency to crash.
Listen to this podcast In this week’s Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite. Google’s public disclosure of a vulnerability in the Android version of Epic Games Inc.’s popular title “Fortnite Battle Royale” sparked a feud between
Criminals continue to infect millions of consumers by exploiting programmatic ads despite the efforts of some publishers and platform providers that use blockers to help prevent bad ads from souring user experience. However, The Media Trust has discovered that cybercriminals have found new ways to bypass those blocker defense solutions and execute their malicious code,
by Lisa Vaas It’s one thing to slip spyware onto somebody’s phone so you can surreptitiously intercept text messages, call logs, emails, location tracking, calendar information and record conversations – that kind of privacy-spurning stuff. It’s another thing entirely to be the company that makes and markets the software… and – the coup de GAH!
Since January 1st of 2018, a barrage of cyberattacks and data breaches have hit almost every industry, targeting businesses large and small, many of which are now from IoT devices. By 2025, it is estimated that there will be approximately 75 billion connected devices around the world. With more IoT devices –from wearables and pacemakers
Far-fetched though it may sound, the answer is yes, according to researchers, who show that electrical grids and smart home appliances could make for a dangerous mix Cybercriminals could rope internet-connected household appliances into a botnet in order to manipulate the demand side of the power grid and, ultimately, cause anything from local outages to
The U.S. Department of Justice is preparing to announce criminal charges against a North Korean government spy in connection with the 2017 global WannaCry ransomware attack and the 2014 Sony Pictures Entertainment hack. According to multiple government officials cited by the NY Times who are familiar with the indictment, the charges would be brought against
As the shadow of SoftBank (and its $100 billion fund) looms large over the investment landscape, Sequoia Capital is pushing the upper limits of the checks it’s willing to write to global growth-stage companies up to $1 billion. With a B. That’s the word from Sequoia’s global managing partner Doug Leone speaking onstage at Disrupt
The i7+ features much-improved mapping and a self-emptying bin Brian Heater @ / 8 hours The Roomba i7+ looks like, well, it looks like a Roomba. There are few factors distinguishing the product from the last several generations. The rollers are bright green, along with a large Automatic Dirt Disposal section just below. Beyond that,
Celebrating the success of this year’s live hacking event, HackerOne (H1) recently announced that more than $500,000 was paid in bounties during the third annual h1-702 at DEF CON 26 in Las Vegas last month. More than 75 hackers from over 20 countries hacked five targets (including the United States Marine Corps) over the course
by Paul Ducklin Remember MEGA – or, more precisely, Megaupload as it once was? Sure you do! It was a New Zealand cloud storage business masterminded by Kim Dotcom, a larger-than-life digital-era entrepreneur (Dotcom is literally as well as figuratively big, standing more than 2m tall). Megaupload is no more, having ended up embroiled in
WannaCry, Petya, and Equifax first come to mind when you think of the most impactful cyber events in recent years, with the first-year anniversary of the latter coming up September 7th. Impacting nearly 150 million Americans (essentially half the country), the breach changed the nature of identity theft. Now, just before its anniversary, let’s take
Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure On August 27, 2018, a so-called zero-day vulnerability affecting Microsoft Windows was published on GitHub and publicized via a rather acerbic tweet. Source: Twitter It seems obvious that this was not part of a coordinated vulnerability disclosure
Warning! If you are using Chrome browser extension from the MEGA file storage service, uninstall it right now. The official Chrome extension for the MEGA.nz cloud storage service had been compromised and replaced with a malicious version that can steal users’ credentials for popular websites like Amazon, Microsoft, Github, and Google, as well as private
The Justice Department has confirmed that Attorney General Jeff Sessions has expressed a “growing concern” that social media giants may be “hurting competition” and “intentionally stifling” free speech and expression. The comments come as Facebook chief operating officer Sheryl Sandberg and Twitter chief executive Jack Dorsey gave testimony to the Senate Intelligence Committee on Wednesday, as
Theranos is reportedly finally closing down for good, nearly three years after a Wall Street Journal investigation called its blood testing technology into question. The WSJ said the company, whose dramatic downfall spawned a best-selling book that’s set to be filmed with Jennifer Lawrence starring as Theranos founder and CEO Elizabeth Holmes, sent shareholders an
SecureAuth Core Security today published a vulnerability disclosure in conjunction with enterprise systems monitoring software provider Opsview. The publication of the disclosure is related to five vulnerabilities in the company’s Opsview Monitor product, which is a virtual appliance deployed inside an organization’s network infrastructure. The product comes bundled with a web management console that monitors
The digital whiteboards have long replaced the squeaky blackboards, while emails and text messages are replacing messages pinned on the display boards in the corridors. Today, many schools have a Bring Your Own Device (BYOD) policy, making notebooks redundant. The education pattern is itself changing from general rote learning for all to the ‘Discovery’ methods.
All things labeled Artificial Intelligence (AI) or Machine Learning (ML) are making waves, but talk of them in cybersecurity contexts often muddies the waters. A new ESET white paper sets out to bring some clarity to a subject where confusion often reigns supreme It is no mean feat to find an area in business and
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable
Berlin based Internet of Things (IoT) startup relayr, whose middleware platform is geared towards helping industrial companies unlock data insights from their existing machinery and production line kit by linking Internet connected sensors and edge devices to platform controls, has been acquired by insurance group Munich Re in a deal which values the company at
At least one malicious actor began exploiting a critical vulnerability in Apache Struts in the wild, despite a patch being issued last week. According to researchers at Volexity, a cybersecurity company based in Washington, D.C., the exploits of the Apache Struts vulnerability surfaced in the wild not long after a proof-of-concept (PoC) exploit was published
As cryptocurrencies emerge from the speculative bloodletting of the past months, believers in the promise of distributed ledger technologies for business and consumer applications are casting about for what comes next. On our stage at Disrupt San Francisco we’ll be welcoming some of the leading thinkers in how distributed ledgers can create an entirely new
A cryptocurrency wallet device-maker has closed its bug bounty program and retracted claims it is unhackable after a researcher demonstrated yet another successful attack. The $120 Bitfi device is backed by outspoken security pioneer John McAfee, who still claims it is unhackable despite researchers confirming they have been successful on multiple occasions. “As part of
by Paul Ducklin We went on camera to discuss some fascinating research that set out to meaure what your video screen lets slip about you behind your back. Enjoy… (Watch directly on YouTube if the video won’t play here.) DEEP LEARNING FOR DEEPER CYBERSECURITY Watch Video Follow @NakedSecurity Follow @duckblog
When we think about credit cards, we usually think of our own – what we use them for, how our credit is doing, and most importantly, that they remain in our hands and not in that of a cybercriminal. But something many parents forget – the cyberthreats that could potentially impact our financial information could
The adoption of the protocol’s secure variant has continued its growth spurt in recent months, crossing the 50-percent milestone for the first time ever More than one-half (51.8 percent) of the one million most visited websites worldwide now actively redirect to HTTPS, the secure version of the HTTP protocol over which data between a device
Over a week after Google admitted the company tracks users’ location even after they disable location history, it has now been revealed that the tech giant has signed a secret deal with Mastercard that allows it to track what users buy offline. Google has paid Mastercard millions of dollars in exchange to access this information.
David Gorn Contributor David Gorn is a contributing writer for CALMatters and formerly was an editor and reporter for public media, including NPR and its California stations. Karen Lewis knows about water problems. The 67-year-old lives in Compton, where the water coming out of her tap is tinged brown by manganese, a metal similar to