New clues show how Russia’s grid hackers aimed for physical destruction
Enlarge (credit: Joshua Lott/Bloomberg via Getty Images)
For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of...
600,000 GPS trackers for people and pets are using 123456 as a password
Enlarge (credit: Shenzhen i365 Tech)
An estimated 600,000 GPS trackers for monitoring the location of kids, seniors, and pets contain vulnerabilities that open users up to a host of creepy attacks, researchers from security firm Avast have found.
The...
Google Play app with 100 million downloads executed secret payloads
Enlarge (credit: NurPhoto | Getty Images)
The perils of Google Play are once again on display with the discovery of an app with 100 million downloads that contained a malicious component that downloaded secret payloads onto infected Android...
Self-driving car service open sources new tool for securing firmware
Enlarge (credit: Collin Mulliner)
Developing and maintaining secure firmware for tablets, cars, and IoT devices is hard. Often, the firmware is initially developed by a third party rather than in-house. And it can be tough as projects move...
Judge allows suit against AT&T after $24 million cryptocurrency theft
Enlarge / An AT&T store in New Jersey. (credit: Michael Brochstein/SOPA Images/LightRocket via Getty Images)
When Michael Terpin's smartphone suddenly stopped working in June 2017, he knew it wasn't a good sign. He called his cellular provider, AT&T,...
Tech firms “can and must” put backdoors in encryption, AG Barr says
Enlarge / Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California. (credit: Elijah Nouvelage | Getty Images)
US Attorney General William...
Silent Mac update nukes dangerous webserver installed by Zoom
Enlarge (credit: Kena Betancur/Getty Images)
Apple said it has pushed a silent macOS update that removes the undocumented webserver that was installed by the Zoom conferencing app for Mac.
The webserver accepts connections from any device connected to the...
Microsoft OneDrive gets a more secure Personal Vault, plus additional storage options
Enlarge / Microsoft at a trade show. (credit: Getty Images | Justin Sullivan)
Microsoft is launching a new layer of security for users of its OneDrive cloud storage service. OneDrive Personal Vault is a new section of your storage...
The clever cryptography behind Apple’s “Find My” feature
Enlarge / The 2018 15-inch Apple MacBook Pro with Touch Bar. (credit: Samuel Axon)
When Apple executive Craig Federighi described a new location-tracking feature for Apple devices at the company's Worldwide Developer Conference keynote on Monday, it sounded—to...
Windows 10 May 2019 Update now rolling out to everyone… slowly
Enlarge (credit: David Holt / Flickr)
To avoid a replay of the problems faced by the Windows 10 October 2018 Update, version 1809, Microsoft has taken a very measured approach to the release of the May 2019 Update,...
33 Linksys router models leak full historic record of every device ever connected
(credit: US Navy)
More than 20,000 Linksys wireless routers are regularly leaking full historic records of every device that has ever connected to them, including devices' unique identifiers, names, and the operating systems they use. The data can...
The radio-navigation planes use to land safely is insecure and can be hacked
Enlarge / A plane in the researchers' demonstration attack as spoofed ILS signals induce a pilot to land to the right of the runway. (credit: Sathaye et al.)
Just about every aircraft that has flown over the past...
New speculative execution bug leaks data from Intel chips’ internal buffers
First disclosed in January 2018, the Meltdown and Spectre attacks have opened the floodgates, leading to extensive research into the speculative execution hardware found in modern processors, and a number of additional attacks have been published in the months...
Bloomberg alleges Huawei routers and network gear are backdoored
Enlarge / PORTUGAL - 2019/03/04: 5G logo is seen on an android mobile phone with Huawei logo on the background. (credit: Omar Marques/SOPA Images/LightRocket via Getty Images)
Vodafone, the largest mobile network operator in Europe, found backdoors in...
Password1, Password2, Password3 no more: Microsoft drops password expiration rec
For many years, Microsoft has published a security baseline configuration: a set of system policies that are a reasonable default for a typical organization. This configuration may be sufficient for some companies, and it represents a good starting point...
Ning Wang – Offensive Security
Ning WangCEO Offensive Security
Why Nominated: Ning Wang is a rising star has worked to break the
boundaries in the security industry, so that people can see that anyone is
capable of starting a career in cybersecurity and advancing it –...
Dani Martínez – IOActive
Dani MartínezSecurity ConsultantIOActive
Why nominated:
Dani Martínez proved to be a self-starter, beginning his career in
IT he soon developed an interest in cybersecurity and began taking online
courses in his spare time. Martínez also dove write in and began a
cybersecurity blog...
Maurice Stebila – Harman, a Samsung Company
Maurice StebilaDigital Security,Compliance and Privacy OfficerHarman, a Samsung Company
Why nominated: Maurice Stebila has spent more than 30 years in the automotive,
manufacturing and financial services industry supporting two of the world’s
largest companies – EDS/General Motors and Harman by Samsung...
Ed Adams – Security Innovation
Ed AdamsPresident and CEOSecurity Innovation
Why Nominated:
A highly respected veteran of the cybersecurity industry, Security Innovation
CEO Ed Adams has taken on several new leadership roles in the year or so. Last
April, he was named to board of directors of...
David Archer – Galois
David ArcherPrincipal scientistGalois
Why Nominated: Archer, an
advocate for preserving privacy of data even when it’s used in decision-making
both within the U.S. at all levels of government as well as internationally,
directs research in privacy-preserving information technologies.
Profile: David Archer is all...
