SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more
Plus, why is Kaspersky Lab getting into chess? Roundup What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
BlackBerry absorbs Operation Cleaver beaver Cylance into threat detection unit
$1.4bn match made in heaven BlackBerry has made its biggest acquisition ever, spending over half of its cash pile to bolster its threat detection unit.…
‘Unjustifiably excessive’: Not even London cops can follow law with their rubbish gang database
Gangs Matrix led to 'multiple and serious' breaches of data protection rules, says watchdog London cops have broken data protection rules by using a controversial database that ranks people's likelihood of gang-related violence but fails to distinguish between victims...
Where to implant my employee microchip? I have the ideal location
Swipe – open toilet door – and swipe again Something for the Weekend, Sir? "Work out loud," my prospective new employer tells me, adding that "we are a team, not a family". Sister Sledge need not apply.…
MIT to Oz: Crypto-busting laws risk banning security tests
I see the red team and I want it painted black Australia's government's crypto-busting legislation risks blocking security research, a leading Internet policy boffin has warned.…
Super Micro chief bean counter: Bloomberg’s ‘unwarranted hardware hacking article’ has slowed our server sales
CEO insists Chinese spy chip bombshell 'impossible' Super Micro Computer on Thursday reported net sales in the range of $952m to $962m for the first quarter of its fiscal 2019, which ended September 30, 2018. That's higher than company...
Up to three million kids’ GPS watches can be tracked by parents… and any miscreant: Flaws spill pick-and-choose catalog for perverts
Gadgets can be hacked to spy on, find youngsters – claim Parents could be unwittingly putting their children's safety and privacy at risk, thanks to security vulnerabilities in potentially millions of kids' GPS-tracker watches.…
John McAfee is ‘liable’ for 2012 death of Belize neighbour, rules court
Default judgement for one-time antivirus bad boy Infosec personality John McAfee has been found legally "liable" via a default judgment for the death of his neighbour, who was found dead from a gunshot wound to the head in his...
The threat to your org’s data lies betwixt chair and keyboard. Join us live on the internet for expert advice on tackling issue
Beware the trusted insider Webcast If you like true crime stories, you already know that at the end the criminal is usually revealed to be someone the victim knew well.…
US China-watcher warns against Middle Kingdom tech dominance
5G, IoT, and tech supply chains should go under spotlight Another US government panel has warned of the dangers of over-reliance on Chinese tech vendors: the US-China Economic and Security Review Commission.…
CISA’s Palace: Congress backs new cybersecurity nerve-center for cyber-America’s cyber-future
CISA heads off for Trump's signature – no, not that CISA, the good one The US House of Representatives has unanimously passed a bipartisan bill that would create a new agency to lead the federal government's cybersecurity efforts.…
Another Meltdown, Spectre scare: Data-blabbing holes continue to haunt Intel, AMD, Arm
CPU slingers insist existing defenses will stop attacks – but eggheads disagree Computer security researchers have uncovered yet another set of transient execution attacks on modern CPUs that allow a local attacker to gain access to privileged data, fulfilling...
Did you by chance hack OPM back in 2015? Good news, your password probably still works!
Government audit finds office still hasn't cleaned up from Obama-era megabreach More than three years after suffering one of the largest cyber-attacks in US government history, the Office of Personnel Management has yet to adopt dozens of the security...
Just because you’re paranoid doesn’t mean hackers aren’t going to nuke your employer into the ground tomorrow
Black Hat survey probes infosec's deepest, darkest fears The number one thing worrying infosec bods right now is… yup, you guessed it, a giant targeted attack that KOs their employers' systems.…
Want to hack an ATM for free cash? It’s as easy as Windows XP
Bank machines pen testing reveals alarming results ATM machines are vulnerable to an array of basic attack techniques that would allow hackers to lift thousands in cash.…
Oz telcos’ club asks: Why the hell does Australia Post, rando councils, or Taxi Services Commission want comms metadata?
Tells gov.au: There's your scope creep. Now can we talk about busting cryptography? When Australia implemented its telecommunications data retention regime, privacy wonks worried about the potential for scope creep. The same warnings have been made about the government's...
Scumbag who called a Call of Duty ‘swatting’ that ended in death pleads guilty to dozens of criminal charges
Another two awaiting trial over slaying of Andrew Finch One of three people charged over the December 2017 “swatting” death of 28-year-old Andrew Finch in the US has pleaded guilty.…
Call of Duty swatting killer pleads guilty to 47 criminal charges
Another two awaiting trial over sad death of Andrew Finch One of three people charged over the December 2017 “swatting” death of 28-year-old Andrew Finch has entered a guilty plea.…
It’s November 2018, and Microsoft’s super-secure Edge browser can be pwned eight different ways by a web page
Look, we're tired of doing these headlines too, but for there's patching to do Microsoft and Adobe have delivered the November edition of Patch Tuesday with another sizable bundle of security fixes.…
Russia: We did not hack the Democrats. But IF we did, we’re immune from prosecution (lmao)
Hackers are lethal weapons, as in diplomatic, oh forget it The Russian government has denied having anything to do with hacking the US Democratic party in 2016, although in a court filing this week stressed that even if it...
Instagram flaw exposes user passwords
A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users.
The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...
Julian Assange Charges, Japan’s Top Cybersecurity Official, and More Security News This Week
Safer browsing, more bitcoin scams, and the rest of the week's top security news.
SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more
Plus, why is Kaspersky Lab getting into chess? Roundup What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
Is retaining a cybersecurity attorney a good idea for your business?
Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.
Machine Learning Can Create Fake ‘Master Key’ Fingerprints
Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.
