Skip to main content

Home/ Digit_al Society/ Group items tagged vulnerabilities

Rss Feed Group items tagged

dr tech

Contact tracing apps unsafe if Bluetooth vulnerabilities not fixed | ZDNet - 0 views

  •  
    "As more governments turn to contact tracing apps to aid in their efforts to contain the coronavirus outbreak, cybersecurity experts are warning this may spark renewed interest in Bluetooth attacks. They urge developers to ensure such apps are regularly tested for vulnerabilities and release patches swiftly to plug potential holes, while governments should provide assurance that their databases are secure and the data collected will not be used for purposes other than as originally intended. "
dr tech

Elon Musk and Sam Altman's OpenAI and Pennsylvania State University made a tool to prot... - 0 views

  •  
    "To thwart such hackers, Elon Musk's OpenAI and Pennsylvania State University released a new tool this week called "cleverhans," that lets artificial intelligence researchers test how vulnerable their AI is to adversarial examples, or purposefully malicious data meant to confuse the algorithms. Once the vulnerability has been found, a defense to the attack can automatically be applied."
dr tech

Researchers hack Samsung SmartThings, exposing vulnerabilities - 0 views

  •  
    "Security Analysis of Emerging Smart Home Applications demonstrates how Samsung's SmartThings platform may be especially vulnerable to hackers. "
dr tech

What Is The Internet Doing To Boomers' Brains? | HuffPost - 0 views

  •  
    "The first and most obvious explanation for older internet users' increased vulnerability to misinformation is the effect of aging on the brain. A huge body of research has demonstrated that the same factors that make older Americans susceptible to financial scams - lower impulse control, slower cognitive function, higher rates of social isolation - also make them vulnerable to misinformation. "
dr tech

Recently uncovered software flaw 'most critical vulnerability of the last decade' | Sof... - 0 views

  •  
    "The flaw, dubbed "Log4Shell", may be the worst computer vulnerability discovered in years. It was uncovered in an open-source logging tool that is ubiquitous in cloud servers and enterprise software used across the industry and the government. Unless it is fixed, it grants criminals, spies and programming novices alike, easy access to internal networks where they can loot valuable data, plant malware, erase crucial information and much more."
dr tech

New Go-playing trick defeats world-class Go AI-but loses to human amateurs | Ars Technica - 0 views

  •  
    "KataGo's world-class AI learned Go by playing millions of games against itself. But that still isn't enough experience to cover every possible scenario, which leaves room for vulnerabilities from unexpected behavior. "KataGo generalizes well to many novel strategies, but it does get weaker the further away it gets from the games it saw during training," says Gleave. "Our adversary has discovered one such 'off-distribution' strategy that KataGo is particularly vulnerable to, but there are likely many others.""
dr tech

Internet-connected hospital drug pumps vulnerable to remote lethal-dose attacks - Boing... - 0 views

  •  
    "Researcher Billy Rios (previously) has extended his work on vulnerabilities in hospital drug pumps, discovering a means by which their firmware can be remotely overwritten with new code that can result in lethal overdoses for patients. "
dr tech

Hack the vote: terrifying film shows how vulnerable US elections are | Television & rad... - 0 views

  •  
    "And these machines' vulnerabilities to hacking are "terrifying", Sarah Teale, co-director along with Simon Ardizzone and Russell Michaels, told the Guardian. America's current election infrastructure is, as Kill Chain explains, a prescription for disaster - an outdated, willfully naive system no more prepared for attack than four years ago."
dr tech

How do you deal with a problem like "fake news?" - 0 views

  •  
    "Facebook will rely on users to report fake news despite evidence that suggests users have a difficult time assessing or identifying fake news. Teens seem to be especially vulnerable to fake news. A recent study by researchers at Stanford found that middle and high school students have a difficult time detecting fake news from real news, or detecting bias in tweets and Facebook statuses."
dr tech

Waze is an awesome driving app that also lets hackers stalk you / Boing Boing - 0 views

  •  
    "Researchers at the University of California-Santa Barbara recently discovered a Waze vulnerability that allowed them to create thousands of "ghost drivers" that can monitor the drivers around them-an exploit that could be used to track Waze users in real-time. They proved it to me by tracking my own movements around San Francisco and Las Vegas over a three-day period."
dr tech

Major sites including New York Times and BBC hit by 'ransomware' malvertising | Technol... - 0 views

  •  
    "The malware was delivered through multiple ad networks, and used a number of vulnerabilities, including a recently-patched flaw in Microsoft's former Flash competitor Silverlight, which was discontinued in 2013. When the infected adverts hit users, they redirect the page to servers hosting the malware, which includes the widely-used (amongst cybercriminals) Angler exploit kit. That kit then attempts to find any back door it can into the target's computer, where it will install cryptolocker-style software, which encrypts the user's hard drive and demands payment in bitcoin for the keys to unlock it."
dr tech

Cryptocurrency raider takes $60 million in digital cash - 0 views

  •  
    "A cryptocurrency is only as reliable as the technology that keeps it running, and Ethereum is learning this the hard way. An attacker has taken an estimated $60 million in Ethereum's digital money (Ether) by exploiting vulnerabilities in the Decentralized Autonomous Organization, an investment collective. The raider took advantage of a "recursive call" flaw in the DAO's code-based smart contracts, which administer the funds, to scoop up Ether many times in a single pass."
dr tech

Starbucks: We Stored Your Passwords in Plaintext - 0 views

  •  
    "User information, including passwords, email addresses, usernames and geolocation data, was unencrypted - making it readily accessible to anyone who plugs the handset into a PC, according to a report detailing the vulnerability."
dr tech

Patient lost £18,000 legal battle over GP medical records | Politics | The Gu... - 0 views

  •  
    "Some are disturbed by the strategy to go "digital by default". Andrew Miller, chair of the Commons science and technology committee, wrote to Cabinet Office minister Francis Maude with concerns that "as public services go online, the government may not keep up with advances in technology and that inadequacies in government software may lead to security vulnerabilities"."
dr tech

Hundreds of US police forces have distributed malware as "Internet safety software" - B... - 0 views

  •  
    "But Computercop isn't security software -- quite the opposite; it's classic malware. The software, made in New York by a company that markets to law enforcement, is a badly designed keylogger that stores thingstyped into the keyboard -- potentially everything typed on the family PC -- passwords, sensitive communications, banking logins, and more, all stored on the hard drive, either in the clear, or with weak, easily broken encryption. And Computercop users are encouraged to configure the software to email dumps from the keylogger to their accounts (to spy on their children's activity), so that all those keystrokes are vulnerable to interception by anyone between your computer and your email server. "
dr tech

Shellshock: The 'Bash Bug' That Could Be Worse Than Heartbleed - 0 views

  •  
    "Security researchers have discovered a vulnerability in the system software used in millions of computers, opening the possibility that attackers could execute arbitrary commands on web servers, other Linux-based machines and even Mac computers."
dr tech

The 'Athens Affair' shows why we need encryption without backdoors | Trevor Timm | Comm... - 0 views

  •  
    "One of the biggest arguments against mandating backdoors in encryption is the fact that, even if you trust the United States government never to abuse that power (and who does?), other criminal hackers and foreign governments will be able to exploit the backdoor to use it themselves. A backdoor is an inherent vulnerability that other actors will attempt to find and try to use it for their own nefarious purposes as soon as they know it exists, putting all of our cybersecurity at risk. "
dr tech

NSA leak reveal plans to subvert mobile network security around the world - Boing Boing - 0 views

  •  
    "The NSA's AURORAGOLD program -- revealed in newly released Snowden docs -- used plundered internal emails to compromise nearly every mobile carrier in the world, and show that the agency had planned to introduce vulnerabilities into future improvements into mobile security. "
dr tech

Probing the whole Internet - in under an hour - for major security flaws - 0 views

  •  
    "Durumeric leads a team of researchers at the University of Michigan that has developed scanning software called ZMap. This tool can probe the whole public Internet in under an hour, revealing information about the roughly four billion devices online. The scan results can show which sites are vulnerable to particular security flaws. In the case of FREAK, a scan was used to measure the scale of the threat before the bug was publicly announced."
dr tech

Database allegedly containing ID numbers of 50m Turks posted online | Technology | The ... - 0 views

  •  
    "A database posted online allegedly contains the personal information of 49 million people on the Turkish citizenship database, potentially making more than half of the population of the country vulnerable to identity theft and massive privacy violations."
1 - 20 of 42 Next › Last »
Showing 20 items per page