Cybersecurity News
Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs
A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.
18 February 2020
Five years after the Equation Group HDD hacks, firmware security still sucks
Device manufacturers are not forcing driver signatures at all times.18 February 2020
Microsoft to deploy ElectionGuard voting software for the first time tomorrow
Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software.17 February 2020
Microsoft to deploy ElectionGuard voting software for the first time
Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software.17 February 2020
Bug in WordPress plugin can let hackers wipe up to 200,000 sites
Same bug can also let attackers gain access to the admin account.17 February 2020
FC Barcelona Twitter account hacked – again
The same hackers have also got their mitts on social media accounts of other high-profile sporting targets
The post FC Barcelona Twitter account hacked – again appeared first on WeLiveSecurity
17 February 2020
Pay Up, Or We’ll Make Google Ban Your Ads
A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google's AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher's ads with so much bot and junk traffic that Google's automated anti-fraud systems suspend the user's AdSense account for suspicious traffic.17 February 2020
Israeli soldiers tricked into installing malware by Hamas agents posing as women
IDF: Six social media accounts were redirecting soldiers to installing three malware-infected apps.16 February 2020
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies.16 February 2020
Our personal health history is too valuable to be harvested by the tech giants | Eerke Boiten
Action to prevent deeper access to our private lives and data is more essential than ever
Health data paints a rich picture of our lives. Even if you remove your name, date of birth and NHS number to “anonymise” yourself, a full health history will reveal your age, gender, the places where you have lived, your family relationships and aspects of your lifestyle.
Used in combination with other available information, this may be enough to verify that this medical history relates to you personally and to target you online. Consequently, whenever the NHS shares health data, even if it is anonymised, we need to have confidence in who it goes to and what they can do with it.
When data about us influences a credit rating or a hiring decision, we are unlikely ever to find out
Continue reading...16 February 2020
IOTA cryptocurrency shuts down entire network after wallet hack
Hackers exploit vulnerability in official IOTA wallet to steal millions15 February 2020
Second Windows 10 update is now causing problems by hiding user profiles
Botched Windows 10 KB4532693 update is hiding user profiles. Uninstalling update fixes problems.15 February 2020
Martin and Dorothie Hellman on Love, Crypto & Saving the World
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
15 February 2020
Bluetooth LE devices impacted by SweynTooth vulnerabilities
BLE software kits from six chipset vendors impacted. More vendor names to be revealed soon.15 February 2020
OpenSSH adds support for FIDO/U2F security keys
OpenSSH 8.2 adds support for authentication via FIDO/U2F protocols, most commonly used with hardware security keys.14 February 2020
Phishing Campaign Targets Mobile Banking Users
Consumers in dozens of countries were targeted, Lookout says.14 February 2020
Huawei Controversy Highlights 5G Security Implications
Security experts say that 5G supply chain concerns should be taken seriously – whether it’s in the context of Huawei or not.
14 February 2020
500 Malicious Chrome Extensions Impact Millions of Users
The malicious Chrome extensions were secretly collecting users' browser data and redirecting them to malware-laced websites.
14 February 2020
There's finally a way to remove xHelper, the unremovable Android malware
Malwarebytes researchers find a way to remove the malware, but they still don't know how it really operates.14 February 2020
Palm Beach Elections Office Hit with Ransomware Pre-2016 Election
Palm Beach County's elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.14 February 2020