Group items tagged

"Bruce Schneier makes the point that if the Russian state is behind the DNC hacks, there's no reason to expect that its attacks on the US political system will end there. Voting machines are so notoriously terrible that they'd be a very tempting target for Russia or other states that want to influence the outcome in 2016 (or merely destabilize the US by calling into question the outcome in an election). "

"Hackers breached the Internet Corporation for Assigned Names and Numbers (ICANN), the organization that coordinates unique web addresses all across the world, but luckily didn't hit the Internet Assigned Numbers Authority, an important leg that keeps the Internet running smoothly. Attackers used "spear fishing" to break into the system in late November, according to a post on ICANN's website this week. Staffers received email messages that appeared to be coming from ICANN's own domain; several ICANN staffers' emails were compromised."

"$500 method for using a 300dpi scan of a fingerprint (which can be captured from a fingerprint sensor itself) to produce a working replica printed with conductive ink fed through a normal inkjet printer, in a prodcedure that takes less than 15 minutes. "

"The thousands of leaked documents focus mainly on techniques for hacking and reveal how the CIA cooperated with British intelligence to engineer a way to compromise smart televisions and turn them into improvised surveillance devices."

"Gmail users are under attack in a gigantic phishing operation that's spreading like wildfire across the internet right now. People took to Twitter to report receiving an email that looks like an invitation to join a Google Doc from someone they know. But when you click on the link to open the file, you are directed to grant access to an app that looks like Google Docs but is actually a program that sends spam emails to everyone you've emailed, according to a detailed outline of the attack on Reddit. "

"The conference acquired 30 machines for hackers to toy with. Every voting machine in the village was hacked. Though voting machines are technologically simple, they are difficult for researchers to obtain for independent research."

""The Vastaamo data breach is a shocking act which hits all of us deep down," the country's interior minister, Maria Ohisalo, wrote on her website on Monday. Finland must be a country where "help for mental health issues is available and it can be accessed without fear", she added. Ministers met for crisis talks this weekend, with further emergency discussions tabled for the coming week over the data breach."

"Michael said recent threats to the security of government-held data such as the census failure should raise real concerns about the storage of biometric data en masse. "I am worried about theft, I don't buy the story that your data is safe. I think we've become almost complacent 'oh there's been another data breach. Oh they hacked in and stole the data'," she said. "Is the next phase of rollout going to be 'oh my e-health records were taken', 'oh my biometrics at border control were taken'?""

"The bank had no firewall and used second-hand routers that cost $10 to connect to global financial networks. Better security and hardware would have hampered the attackers, Reuters said, quoting an official investigator."

"If mediocre malware can power some of the largest DDoS attacks ever, and considering the sad state of security of the Internet of Things in general, we should probably brace for more cyberattacks powered by our easy-to-hack "smart" Internet of Things, as many, including ourselves, had predicted months ago."

""This is the largest impact on the energy system in the United States we've seen from a cyberattack, full stop," says Rob Lee, CEO of the critical-infrastructure-focused security firm Dragos. Aside from the financial impact on Colonial Pipeline or the many providers and customers of the fuel it transports, Lee points out that around 40 percent of US electricity in 2020 was produced by burning natural gas, more than any other source. That means, he argues, that the threat of cyberattacks on a pipeline presents a significant threat to the civilian power grid. "You have a real ability to impact the electric system in a broad way by cutting the supply of natural gas. This is a big deal," he adds. "I think Congress is going to have questions. A provider got hit with ransomware from a criminal act, this wasn't even a state-sponsored attack, and it impacted the system in this way?""

"TL;DR: all recent macOS devices are no longer safe to use if left alone, even if you have them powered down. The root of trust on macOS is inherently broken They can bruteforce your FileVault2 volume password They can alter your macOS installation They can load arbitrary kernel extensions"

"Keyword-based filtering allows blocking of sites and texts containing candidates' names and slogans, say security experts"

Yikes this is very scary - lets all jump from WEP, to WPA to WPA 2?

"And that means that there's now a financial incentive for going after just about anything. While the payoff of going after businesses' networks used to depend on the long play-working deep into the network, finding and packaging data, smuggling it back out-ransomware attacks don't require that level of sophistication today. It's now much easier to convert hacks into cash."

""The person on the other line said, 'unplug your Alexa devices right now,'" Danielle told KIRO. "'You're being hacked.'" The couple had reportedly placed Amazon devices in every room of their house to control the heat, lights, and security system. All of the gadgets were pulled out after their colleague proved they had received the unauthorized recording."