Saturday, November 17, 2018
The Register

SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more

Plus, why is Kaspersky Lab getting into chess? Roundup  What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
The Register

BlackBerry absorbs Operation Cleaver beaver Cylance into threat detection unit

$1.4bn match made in heaven BlackBerry has made its biggest acquisition ever, spending over half of its cash pile to bolster its threat detection unit.…
The Register

‘Unjustifiably excessive’: Not even London cops can follow law with their rubbish gang database

Gangs Matrix led to 'multiple and serious' breaches of data protection rules, says watchdog London cops have broken data protection rules by using a controversial database that ranks people's likelihood of gang-related violence but fails to distinguish between victims...
The Register

Where to implant my employee microchip? I have the ideal location

Swipe – open toilet door – and swipe again Something for the Weekend, Sir?  "Work out loud," my prospective new employer tells me, adding that "we are a team, not a family". Sister Sledge need not apply.…
The Register

MIT to Oz: Crypto-busting laws risk banning security tests

I see the red team and I want it painted black Australia's government's crypto-busting legislation risks blocking security research, a leading Internet policy boffin has warned.…
The Register

Super Micro chief bean counter: Bloomberg’s ‘unwarranted hardware hacking article’ has slowed our server sales

CEO insists Chinese spy chip bombshell 'impossible' Super Micro Computer on Thursday reported net sales in the range of $952m to $962m for the first quarter of its fiscal 2019, which ended September 30, 2018. That's higher than company...
The Register

Up to three million kids’ GPS watches can be tracked by parents… and any miscreant: Flaws spill pick-and-choose catalog for perverts

Gadgets can be hacked to spy on, find youngsters – claim Parents could be unwittingly putting their children's safety and privacy at risk, thanks to security vulnerabilities in potentially millions of kids' GPS-tracker watches.…
The Register

John McAfee is ‘liable’ for 2012 death of Belize neighbour, rules court

Default judgement for one-time antivirus bad boy Infosec personality John McAfee has been found legally "liable" via a default judgment for the death of his neighbour, who was found dead from a gunshot wound to the head in his...
The Register

The threat to your org’s data lies betwixt chair and keyboard. Join us live on the internet for expert advice on tackling issue

Beware the trusted insider Webcast  If you like true crime stories, you already know that at the end the criminal is usually revealed to be someone the victim knew well.…
The Register

US China-watcher warns against Middle Kingdom tech dominance

5G, IoT, and tech supply chains should go under spotlight Another US government panel has warned of the dangers of over-reliance on Chinese tech vendors: the US-China Economic and Security Review Commission.…
The Register

CISA’s Palace: Congress backs new cybersecurity nerve-center for cyber-America’s cyber-future

CISA heads off for Trump's signature – no, not that CISA, the good one The US House of Representatives has unanimously passed a bipartisan bill that would create a new agency to lead the federal government's cybersecurity efforts.…
The Register

Another Meltdown, Spectre scare: Data-blabbing holes continue to haunt Intel, AMD, Arm

CPU slingers insist existing defenses will stop attacks – but eggheads disagree Computer security researchers have uncovered yet another set of transient execution attacks on modern CPUs that allow a local attacker to gain access to privileged data, fulfilling...
The Register

Did you by chance hack OPM back in 2015? Good news, your password probably still works!

Government audit finds office still hasn't cleaned up from Obama-era megabreach More than three years after suffering one of the largest cyber-attacks in US government history, the Office of Personnel Management has yet to adopt dozens of the security...
The Register

Just because you’re paranoid doesn’t mean hackers aren’t going to nuke your employer into the ground tomorrow

Black Hat survey probes infosec's deepest, darkest fears The number one thing worrying infosec bods right now is… yup, you guessed it, a giant targeted attack that KOs their employers' systems.…
The Register

Want to hack an ATM for free cash? It’s as easy as Windows XP

Bank machines pen testing reveals alarming results ATM machines are vulnerable to an array of basic attack techniques that would allow hackers to lift thousands in cash.…
The Register

Oz telcos’ club asks: Why the hell does Australia Post, rando councils, or Taxi Services Commission want comms metadata?

Tells gov.au: There's your scope creep. Now can we talk about busting cryptography? When Australia implemented its telecommunications data retention regime, privacy wonks worried about the potential for scope creep. The same warnings have been made about the government's...
The Register

Scumbag who called a Call of Duty ‘swatting’ that ended in death pleads guilty to dozens of criminal charges

Another two awaiting trial over slaying of Andrew Finch One of three people charged over the December 2017 “swatting” death of 28-year-old Andrew Finch in the US has pleaded guilty.…
The Register

Call of Duty swatting killer pleads guilty to 47 criminal charges

Another two awaiting trial over sad death of Andrew Finch One of three people charged over the December 2017 “swatting” death of 28-year-old Andrew Finch has entered a guilty plea.…
The Register

It’s November 2018, and Microsoft’s super-secure Edge browser can be pwned eight different ways by a web page

Look, we're tired of doing these headlines too, but for there's patching to do Microsoft and Adobe have delivered the November edition of Patch Tuesday with another sizable bundle of security fixes.…
The Register

Russia: We did not hack the Democrats. But IF we did, we’re immune from prosecution (lmao)

Hackers are lethal weapons, as in diplomatic, oh forget it The Russian government has denied having anything to do with hacking the US Democratic party in 2016, although in a court filing this week stressed that even if it...
SC Magazine

Instagram flaw exposes user passwords

A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users. The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...

Julian Assange Charges, Japan’s Top Cybersecurity Official, and More Security News This Week

Safer browsing, more bitcoin scams, and the rest of the week's top security news.
The Register

SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more

Plus, why is Kaspersky Lab getting into chess? Roundup  What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
TechRepublic

Is retaining a cybersecurity attorney a good idea for your business?

Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.

Machine Learning Can Create Fake ‘Master Key’ Fingerprints

Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.