Group items matching

in title, tags, annotations or url

""Nothing in this bill ensures the security of that data, either. Instead it turns every business providing telecommunications in or to the United Kingdom into an attack vector. The best way to guarantee the safety of user data is for it to not exist. Our national security will be significantly enhanced if we store less data, not more, and increase the use of strong cryptography, rather than reducing it.""

"Google announced on its blog that it is expanding upon Safe Browsing to alert Gmail users about the possibility of suspicious government activity. Since 2012, Google has put a banner on top of users' Gmail pages that had a warning about state-sponsored attackers if Google believed they were in danger, but starting today people will get a full-page warning about it - very hard to miss."

"And that means that there's now a financial incentive for going after just about anything. While the payoff of going after businesses' networks used to depend on the long play-working deep into the network, finding and packaging data, smuggling it back out-ransomware attacks don't require that level of sophistication today. It's now much easier to convert hacks into cash."

"Three software flaws in Facebook's systems allowed hackers to break into user accounts, including those of the top executives Mark Zuckerberg and Sheryl Sandberg, according to two people familiar with the investigation but not allowed to discuss it publicly. Once in, the attackers could have gained access to apps like Spotify, Instagram and hundreds of others that give users a way to log into their systems through Facebook."

"Victims of a major ransomware cyberattack that has spread through the US and Europe can no longer unlock their computers even if they pay the ransom. The "Petya" ransomware has caused serious disruption at large firms including the advertising giant WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft. Infected computers display a message demanding a Bitcoin ransom worth $300. Those who pay are asked to send confirmation of payment to an email address. However, that email address has been shut down by the email provider. "

"His program became the first of a particular type of cyber attack called "distributed denial of service," in which large numbers of internet-connected devices, including computers, webcams and other smart gadgets, are told to send lots of traffic to one particular address, overloading it with so much activity that either the system shuts down or its network connections are completely blocked."

"After a successful phishing attack that captured over 50 accounts, hackers stole 500,000 records from the San Diego Unified School District, for staff, current students, and past students going all the way back to 2008; including SSNs, home addresses and phone numbers, disciplinary files, health information, emergency contact details, health benefits and payroll info, pay information, financial data for direct deposits."

"he outlines three sources of dysfunction - 'deliberate, malicious intent, such as state-sponsored hacking and attacks, criminal behaviour, and online harassment'; 'system design' which has created 'perverse incentives where user value is sacrificed, such as ad-based revenue models that commercially reward clickbait'; and the 'viral spread of misinformation'. he also calls attention to the 'unintended negative consequences' of the web, which he said had led to 'the outraged and polarised tone and quality of online discourse'."

""When you have a fully digital system you have no weapon to defend yourself if someone turns it off," he says. "If Putin invades Gotland [Sweden's largest island] it will be enough for him to turn off the payments system. No other country would even think about taking these sorts of risks, they would demand some sort of analogue system.""

""History sniffing" promises a nose full of dust or, you're talking about web browsers, a whiff of the websites you've visited. And that may be enough to compromise your privacy and expose data that allows miscreants to target you more effectively with tailored attacks. For example, a phishing gambit that attempts to simulate your bank login page has a better chance of success if it presents the web page for a bank where you actually have an account."

"Launched in response to terror attacks in New Zealand in May, where a lone gunman killed 51 people at two mosques in Christchurch while livestreaming the massacre on Facebook, it calls for the "effective enforcement" of laws prohibiting the dissemination of terrorist content. It also states that all action on the issue must be consistent with the principles of a free, open and secure Internet, without compromising freedom of expression."

"If mediocre malware can power some of the largest DDoS attacks ever, and considering the sad state of security of the Internet of Things in general, we should probably brace for more cyberattacks powered by our easy-to-hack "smart" Internet of Things, as many, including ourselves, had predicted months ago."

"Facebook announced late Friday that it had eliminated jobs in its trending module, the part of its news division where staff curated popular news for Facebook users. Over the weekend, the fully automated Facebook trending module pushed out a false story about Fox News host Megyn Kelly, a controversial piece about a comedian's four-letter word attack on rightwing pundit Ann Coulter"

"The revelation that encrypted email is vulnerable to a variety of devastating attacks (collectively known as "Efail") has set off a round of soul-searching by internet security researchers and other technical people -- can we save email? One way to think about Efail is that it was caused by a lack of central coordination and control over email-reading programs -- the underlying protocols are strong and robust, but they can be implemented in ways that create real problems. In particular, the ability to show HTML inside a message makes email very hard to secure:"

"Robots engender human sympathy. Seen in the wild, they appear to have agency, feelings, and desires. R2D2's spunk, C3PO's intelligence, Wall-E's charm. When delivery bots get stuck on the sidewalk, good Samaritans help them get unstuck. In light of the attack on K5, then, you may be thinking: Poor guy."

"And these machines' vulnerabilities to hacking are "terrifying", Sarah Teale, co-director along with Simon Ardizzone and Russell Michaels, told the Guardian. America's current election infrastructure is, as Kill Chain explains, a prescription for disaster - an outdated, willfully naive system no more prepared for attack than four years ago."

"As more governments turn to contact tracing apps to aid in their efforts to contain the coronavirus outbreak, cybersecurity experts are warning this may spark renewed interest in Bluetooth attacks. They urge developers to ensure such apps are regularly tested for vulnerabilities and release patches swiftly to plug potential holes, while governments should provide assurance that their databases are secure and the data collected will not be used for purposes other than as originally intended. "

"As hospitals face a surge in patients and critical equipment shortages stemming from the coronavirus pandemic, they are increasingly becoming the target of hackers who see health care facilities as easy prey. Ransomware attacks, in which hackers lock up a network and demand payment to return access to these systems, have presented a growing threat to hospitals since January. "

"The Observer has obtained a series of Conservative party attack ads sent to voters last week in the key marginal constituency of Delyn, north Wales. Activists captured the ads using dummy Facebook accounts after finding that their own ad - encouraging young people to register to vote - were being "drowned out" by the Tory ads"

"The hacker compromised the firm's global email server through an "administrator's account" that, in theory, gave them privileged, unrestricted "access to all areas". The account required only a single password and did not have "two-step" verification, sources said."