Group items tagged

"Cybersecurity experts have warned for years that malfeasance, technical breakdown or administrative incompetence could easily wreak havoc with electronic systems and could go largely or wholly undetected. This is a concern made much more urgent by Russia's cyber-attacks on political party servers and state voter registration databases in 2016 and by the risk of a repeat - or worse - in this November's midterms. "

"These exploits are based on chip engineering flaws, not on software flaws. Apple, Google, Abode, Microsoft, and other software companies didn't write poor software or bad Operating Systems to cause these problems to occur. Rather, the chip manufacturers - Intel, AMD and ARM - designed and then engineered computer chips with flaws built into them. Once discovered, those flaws allow the Meltdown and Spectre exploits to be run. Worse, these chips have been sold with consumer computers, servers and mobile devices since 1995. so the impact is, potentially, both personal and global in scope."

"L&M used a credential stuffing attack: using email addresses gleaned from massive breaches to gain access by repeatedly trying different email/password combinations."

"That's why it was so important that the new 5G mobile protocol be designed to foil IMSI catchers, and why the 3rd Generation Partnership Project, or 3GPP (the body standardizing 5G) updated the Authentication and Key Agreement (AKA) to resist IMSI catching techniques."