Wednesday, June 19, 2019
Internet Storm Center Infocon Status


6 Security Tips That’ll Keep the Summer Fun

Taking some time off this summer? Before you head out on vacation, make sure your devices and apps are also ready.

How AI-enhanced malware poses a threat to your organization

Malware controlled by artificial intelligence could create more convincing spam, avoid security detection, and better adapt itself to each target, says a new report from Malwarebytes.

Tech news roundup: HPE Discover 2019, Facebook’s Libra cryptocurrency, and Google Cloud’s debacle

This week's TechRepublic and ZDNet news stories include a look at the companies that hire the most data scientists, four significant impacts of a security breach, and a first-hand account of a major hack job.

Oracle Releases Security Advisory for WebLogic

Original release date: June 19, 2019Oracle has released a security alert to address a vulnerability in WebLogic. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the...
SC Magazine

ACLU tells Ga. Supreme Court Fourth Amendment should apply to personal data stored by cars

Fourth Amendment protections should apply to personal data in a car’s Event Data Recorder, the American Civil Liberties Union (ACLU) will argue before the Georgia Supreme Court today. The state’s high court is hearing oral arguments in Mobley v. State, which challenges law...
PC Mag

Can Anything Protect Us From Deepfakes?

Along with fake news, forged videos have become a national security concern, especially as the 2020 presidential elections draw near. Researchers at the University of Surrey have developed a solution that might solve the problem.

How Hackers Emptied Church Coffers with a Simple Phishing Scam

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.

Cloud Security Firm Valtix Emerges From Stealth With $14 Million in Funding

Santa Clara, California-based Valtix emerged from stealth mode on Wednesday with a cloud-native network security platform and $14 million in initial funding. read more

How to prevent Android from displaying passwords

Don't let bystanders see your Android passwords as you type them. Find out how to disable this feature.

76% of mobile apps have flaws allowing hackers to steal passwords, money, and texts

Android apps have more critical vulnerabilities than iOS apps do, according to a Positive Technologies report.
SC Magazine

Report: Iran claims to have thwarted a U.S. cyber espionage operation

Iran is reportedly claiming that it successfully uprooted a CIA-led cyber espionage operation and arrested several U.S. spies in the process. “One of the most complicated CIA cyber espionage networks that had an important role in the CIA’s operations in...

645,000 people warned their personal health data at risk after phishing attack

The Oregon Department of Human Services has started notifying more than 600,000 people that their personal details have been put at risk after staff were tricked into granting hackers access to millions of emails. Read more in my article on...

Data breach forces medical debt collector AMCA to file for bankruptcy protection

The aftermath of the data breach seems to be too much for AMCA to bear.

Google Boosts Chrome Protection Against Deceptive Sites

Google is making web browsing with Chrome safer with a new option for reporting suspicious websites and a new warning mechanism for sites that use deceptive URLs. read more

Helping organizations do more without collecting more data

Posted by Amanda Walker - Engineering Director, Sarvar Patel - Software Engineer, and Moti Yung - Research Scientist, Private ComputingWe continually invest in new research to advance innovations that preserve individual privacy while enabling valuable insights from data. Earlier...

How to prepare for and navigate a technology disaster

Technology emergencies can be the most stressful moments of an IT professional's career. But they don't have to if you plan ahead.

Come to Black Hat USA for the Latest Hardware Hacks

Cars. Vending machines. Hotel suites. Security experts will share the tools and techniques they've used to break into all these things and more at Black Hat USA in October.

Samba Releases Security Updates

Original release date: June 19, 2019The Samba Team has released security updates to address vulnerabilities in Samba 4.9 and all versions of Samba from 4.10 onward. An attacker could exploit these vulnerabilities to cause a denial-of-service condition.The Cybersecurity and...

645,000 Clients Affected in Oregon Department of Human Services Data Breach

Oregon Department of Human Services officials say they are notifying about 645,000 clients whose personal information is at risk from a January data breach. read more

Facebook’s Currency Libra Faces Financial, Privacy Pushback

Facebook is getting a taste of the regulatory pushback it will face as it creates a new digital currency with corporate partners. read more

Netflix researcher spots TCP SACK flaws in Linux and FreeBSD

Three vulnerabilities in the FreeBSD and Linux kernels could allow attackers to induce a denial-of-service by clogging networking I/O.

Pass the salt! Popular CMSs aren’t securing passwords properly

A group of researchers has discovered that many of the web's most popular content management systems are using obsolete algorithms to protect their users' passwords.
The Register

NASA’s JPL may be able to reprogram a probe at the arse end of the solar system, but its security practices are a bit crap

Office of the Inspector General brings lab back down to Earth NASA's Jet Propulsion Lab still has "multiple IT security control weaknesses" that expose "systems and data to exploitation by cyber criminals", despite cautions earlier this year.…
PC Mag

This South Dakota Summer Camp Is All About CybHER Security

Dr. Pam Rowland, an assistant professor in cyber security at Dakota State University, is leading the charge to attract more women to the field through groups like CybHER, which kicks off its summer camp for teens this weekend in...
SC Magazine

Harmonization of the NIST framework for risk, security and privacy

Amidst rising concern around consumer data privacy, NIST is currently developing a data privacy framework that is similar in spirit to the popular Cybersecurity Framework (CSF). Like the CSF, the upcoming privacy Framework will be a close inter-collaboration between public and private sector stakeholders...


645,000 people warned their personal health data at risk after phishing attack

The Oregon Department of Human Services has started notifying more than 600,000 people that their personal details have been put at risk after staff were tricked into granting hackers access to millions of emails. Read more in my article on...

NHS service accidentally reveals identities of HIV patients in email blunder

An NHS health board has found itself in the awkward position of apologising to 37 HIV patients, after accidentally disclosing their identities.
Bruce Schneier

Maciej Cegłowski on Privacy in the Information Age

Maciej Cegłowski has a really good essay explaining how to think about privacy today: For the purposes of this essay, I'll call it "ambient privacy" -- the understanding that there is value in having our everyday interactions with one another...

Bella Thorne releases her own topless photos after hacker threats

Actress refuses to play into hacker’s hands, and publishes topless images of herself.
Bruce Schneier

Data, Surveillance, and the AI Arms Race

According to foreign policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China -- one with serious implications for national security. The conventional version of this story suggests that the...