Group items tagged

Yikes this is very scary - lets all jump from WEP, to WPA to WPA 2?

"This story is getting squrrelier and squrrelier. Yes, security companies love to hype the threat to sell their products and services. But this goes further: single-handedly trying to create a panic, and then profiting off that panic."

"Regin is a tool capable of infecting and compromising entire networks, not just individual computers, as security companies Symantec and Kaspersky Labs detailed in their technical reports published on Sunday and Monday. It's not only a computer virus or malware, but also a toolkit or platform that can be used for different purposes, depending on the needs of the attackers. It can collect passwords, retrieve deleted files, and even take over entire networks and infrastructures, according to researchers. "

"At 221 of the Fortune 500 companies, Fortune magazine's list of the the top 500 U.S. public corporations ranked by gross revenue, employees' credentials are posted publicly online for hackers to steal and reuse in cyberattacks, according to new research from the web intelligence firm Recorded Future. "

"She recounts the moment when her 13-year-old son Jacob - now 16 - was sent to isolation for refusing to register his fingerprint to use the school canteen. "I went to school and said that I didn't give my consent. As a parent I want to be clear that the decisions I make that affect my children are in their best interests."

""Privacy Not Included" is Mozilla's Christmas shopping (anti)-guide to toys and gadgets that spy on you and/or make stupid security blunders, rated by relative "creepiness," from the Nintendo Switch (a little creepy) to the Fredi Baby monitor (very creepy!). Mozilla's reviews include a detailed rationale for each ranking, including whether the product includes encryption, whether it forces a default password change, how easy to understand the documentation is, whether it shares your data for "unexpected reasons," whether it has known security vulnerabilities, whether it has parental controls and more."

"When Vancouver tech retailer NCIX went bankrupt, it stopped paying its bills, including the bills for the storage where its servers were being kept; that led to the servers being auctioned off without being wiped first, containing sensitive data -- addresses, phone numbers, credit card numbers, passwords, etc -- for thousands of customers. Also on the servers: tax and payroll information for the company's employees."

"L&M used a credential stuffing attack: using email addresses gleaned from massive breaches to gain access by repeatedly trying different email/password combinations."

"As privacy scholar Josh Fairfield says, while some dismiss privacy concerns by saying they have nothing to hide, we shouldn't accept that argument from anyone wearing clothes. Or anyone who closes the bathroom door, locks her home or car, or uses password-protected accounts. Or anyone who benefits from rules and norms that protect secrecy and confidentiality, prohibit government overreach, and give us recourse if others intrude upon our seclusion, publicly disclose embarrassing private facts, depict us in a false light, or appropriate our image or likeness. "

""Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords. These attempts specifically were trying to gain access to our emails. "

"Serious security flaws that could let attackers steal sensitive data, including passwords and banking information, have been found in processors designed by Intel, AMD and ARM. The flaws, named Meltdown and Spectre, were discovered by security researchers at Google's Project Zero in conjunction with academic and industry researchers from several countries. Combined they affect virtually every modern computer, including smartphones, tablets and PCs from all vendors and running almost any operating system."

Sounds a bit extreme just to make sure no one can log on to your laptop or smartphone, but a team of researchers from Stanford and Northwestern universities as well as SRI International is nonetheless experimenting at the computer-, cognitive- and neuroscience intersection to combat identity theft and shore up cyber security-by taking advantage of the human brain's innate abilities to learn and recognize patterns.

"Lazada added that the information stolen was last updated in March 2019, and the affected RedMart-only database is not linked to any Lazada database."