Cybersecurity News, Articles and Updates

ACLU to deliver petition requesting Amazon stop selling surveillance technology to the government

The American Civil Liberties Union and other advocacy groups are delivering their petition to Amazon's Seattle headquarters today requesting that it stop selling surveillance technology to the government.

Uber's drunk passenger patent could be a 'privacy nightmare for consumers

Uber recently applied for a patent to use artificial intelligence to spot drunken drivers

Crook gets 20 years for literal domain hijacking at gunpoint

A man was sentenced to 20 years in prison after giving a new meaning to the term domain-hijacking when attempting to forcibly steal a domain name from someone at gunpoint.

Processors should practice SafeSpec to overcome Spectre/Meltdown problems

Scientists have devised a way to defeat the Meltdown and Spectre security vulnerabilities caused by speculative execution in modern processors.

Reset 2018: How cyber-immune systems compare to biological immune systems

In the opening presentation of Reset 2018, Mary Haigh, product director BAE Systems dissected the analogy of cyber-immune systems and biological immune systems, concluding there were indeed parallels - but its not an exact fit.

Reset 2018: All-female expert lineup for cybersec conference breaks mould

Reset 2018, held in central London yesterday, is a cyber-security conference with a difference, comprising insights from 15 female experts in cyber-security explaining the evolving cyber-threat landscape.

Reset 2018: Stuxnet - the prototype for industrial control attacks

The keynote speaker at yesterday's Reset 2018 was Kim Zetter, an investigative journalist and author of an acclaimed book on Stuxnet (Countdown to Zero Day: Stuxnet and the launch of the world's first digital weapon).

Virginia Department of Environmental Quality website hacked

The incident was reported on May 22 after the intrusion was "detected and contained quickly."

U.S. counterspy warns World Cup travelers to leave electronics stateside

American's traveling to Russia for the World Cup games have been advised to leave their personal electronic devices stateside.

It's FIFA World Cup season, do you know where your cybersecurity pros are?

With nearly half the world watching, odds are several security professionals will be looking to sneak a peak of the game which could be bad for the security of your business.

Great Falls College's CyberCamp teaches teens cybersecurity

For years kids have been attending band camp, soccer camp and even clown camp, but now teens in Montana have the opportunity to spend a week at CyberCamp.

Tapplock Smart locks found to be physically and digitally vulnerable

Tapplock Smart locks contain several physical and digital vulnerabilities, each of which could allow an attacker to crack the lock with some attacks taking as little as two seconds to execute.

VMware patches RCE flaw for AirWatch Agent for Android, AirWatch Agent for Windows

VMware has released updates to resolve a remote code execution vulnerability in AirWatch Agent for Android and AirWatch Agent for Windows.

European authorities fine Yahoo! And Optical Center

European authorities are already cracking down on firm's improperly securing customer data from before GRPR went into effect.

South Korean cryptocurrency exchange hit, sparking drop in bitcoin prices; Ethereum heist nets $20M

Over the weekend, threat actors made off with about 30 percent of the coins traded on the Conrail exchange, although the firm didn't quantify the value of the heist.

Cybercrime-fighting dogs to the rescue

In addition to sniffing out drugs, bombs, and other weapons, police are training their canine units to assist in fighting cybercrime by sniffing out hidden electronic devices.

Mozilla patches heap buffer overflow in Firefox browsers

The Mozilla Foundation Security has released an advisory to patch critical vulnerabilities in Firefox and Firefox ESR products which could allow a remote attacker to take control of an affected system.

Privacy by design BSI standard being developed for IOT devices and apps

BSI confirms that it is running the secretariat for a new ISO Project Committee developing ISO 23485 Consumer protection - Privacy by design for consumer goods and services - aimed at protecting consumers' domestic privacy.

Encryption: U.S. is the most exposed country, report

Researchers measured countries by their native unencrypted services on the public internet, service on the internet that is unsuitable for public access, and service subject to amplification abuse via connectionless communication.

DHS documents 'only a matter of time' until airline hack

The statement came from a Department of Energy government research laboratory focusing on the lab's findings around aviation cybersecurity and was included in government internal presentations and risk assessments.

Prowli campaign monetized 40K machines across various industries

The campaign dubbed Operation Prowli was observed targeting vulnerable platforms, including CMS servers, backup servers, DSL modems and IOT devices to mine cryptocurrency, promote fake websites and run tech support scams,

States gearing up for 2018 elections by requesting Federal cybersecurity funding

The U.S Election Assistance Commission (EAC) announced that 26 states have requested $209,638,865, or 55 percent of the allocated $380 million for Help American Vote Act (HAVA) funds.

Microsoft's Github buy: is it good news for security?

Microsoft has announced a £5.6 billion deal to acquire software development platform GitHub, arguably the most visible open source resource online.

Florida leads list of states with worst cyber hygiene, New Hampshire the safest

When it comes to cyber hygiene people who live in the Northeast are marginally more likely to have good habits, while those with poor habits are scattered liberally across the country, according to a new Webroot report.

Atlanta cyberattack destroyed critical police evidence

The attack wiped out the city police department's dashcam footage archive, which could compromise DUI cases and has already left a Police Department investigator unable to produce a critical piece of evidence during testimony.

Trickbot and IcedID team up to boost revenues from victims

The botnet operators behind IcedID and Trickbot are collaborating with each other and possibly sharing their ill-gotten gains, according to security researchers.

InfoSec 2018. TalkTalk hack - lessons learned - the board perspective

Between the lines, Dido Harding admits that the board didn't listen to or understand their cyber-security teams - who weren't forceful enough in articulating business risk.