Tuesday, March 19, 2019

CIA bribery scam – crooks offer to erase child abuse evidence for $10,000

This scam is both intimidating and disturbing - the crooks are presenting themselves as corrupt CIA officials who will take a bribe.

Microsoft won’t patch Windows registry warning problem

A security researcher has found a way to tinker with Windows’ core settings while persuading users to accept the changes.

Gargantuan Gnosticplayers breach swells to 863 million records

Another 26m records stolen from another six online companies brings this hacker's total number of records to 863m from 38 websites.

Court: Embarrassing leaks of internal Facebook emails are fishy

The leaks point to a plot, a Calif. court said, ordering pikini app maker Six4Three to hand over its lawyers' chats with the ICO.

Epic in hot water over Steam-scraping code

Players noticed that Epic Games was gathering and storing data from Steam accounts without their permission.

MySpace loses 50 million songs in server migration

Everything uploaded prior to 2015 is gone for good, the cobwebby social network finally admitted.

Child-friendly search engines: How safe is Kiddle?

Kiddle and Kidrex are meant to deliver age-appropriate search results, filtering out internet nastiness. But how do they really stack up?

Home DNA kit company now lets users opt out of FBI data sharing

FamilyTreeDNA has disclosed that it's opened up DNA profiles to the FBI to help find suspects of violent crime.

DARPA is working on an open source, secure e-voting system

The US Government is working on an electronic voting system that it hopes will prevent people from tinkering with voting machines at the polls.

Intel releases patches for code execution vulnerabilities

Intel released patches last week, fixing a range of vulnerabilities that could allow attackers to execute code on affected devices.

G Suite admins can now disallow SMS and voice authentication

Users of G Suite may find that the option to authenticate themselves via SMS or voice call has suddenly disappeared.

WordPress 5.1.1 patches dangerous XSS vulnerability

Researchers have offered more detail on a recently patched vulnerability that would allow an attacker to take over a WordPress site.

Monday review – the hot 23 stories of the week

From a Citrix breach to John Oliver's FCC anti-robocall campaign, and everything in between - it's weekly roundup time.

Sextortion – what’s new, and what to do [VIDEO]

Share this video with your less tech-savvy friends and family to set their minds at rest about sextortion.

You left WHAT on that USB drive?!

Nudies, taxes, and memos - oh, my! Research shows that even if we think we've deleted content on the sticks, we're leaving all that and more.

Ep. 023 – Facebook promises and Google Chrome patches [PODCAST]

Here's the latest Naked Security podcast - listen now, and tell your friends and colleagues about us, too!

Facebook outage coincides with (or causes?) 3m new Telegram users

A worldwide, nearly day-long outage at Facebook led to Telegram having a busy, busy day.

How to make DuckDuckGo your default Chrome search engine

Good news for the privacy-conscious. Chrome 73, released Tuesday, now includes the DuckDuckGo search engine as an option.

Will the next version of Android get location privacy right?

Google has confirmed that improved control over location tracking is one of several new privacy features in the next version of its mobile OS, Android Q.

Serious Security: What we can all learn from #PiDay

Pi Day isn't just about circles or special numbers - there are some cybersecurity lessons in there, too, and here they are...
SC Magazine

Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack

Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night. The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
SC Magazine

Glitch exposes Sprint customer data to other users

A bug has allowed some Sprint customers to see the personal data of other customers from their online accounts. The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
The Register

Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled

Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…

Old Tech Spills Digital Dirt on Past Owners

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.