Cybersecurity News


Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.
18 February 2020

Five years after the Equation Group HDD hacks, firmware security still sucks

Device manufacturers are not forcing driver signatures at all times.
18 February 2020

Microsoft to deploy ElectionGuard voting software for the first time tomorrow

Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software.
17 February 2020

Microsoft to deploy ElectionGuard voting software for the first time

Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software.
17 February 2020

Bug in WordPress plugin can let hackers wipe up to 200,000 sites

Same bug can also let attackers gain access to the admin account.
17 February 2020

FC Barcelona Twitter account hacked – again

The same hackers have also got their mitts on social media accounts of other high-profile sporting targets

The post FC Barcelona Twitter account hacked – again appeared first on WeLiveSecurity

17 February 2020

Pay Up, Or We’ll Make Google Ban Your Ads

A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google's AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher's ads with so much bot and junk traffic that Google's automated anti-fraud systems suspend the user's AdSense account for suspicious traffic.
17 February 2020

Israeli soldiers tricked into installing malware by Hamas agents posing as women

IDF: Six social media accounts were redirecting soldiers to installing three malware-infected apps.
16 February 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world

Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies.
16 February 2020

Our personal health history is too valuable to be harvested by the tech giants | Eerke Boiten

Our personal health history is too valuable to be harvested by the tech giants | Eerke Boiten

Action to prevent deeper access to our private lives and data is more essential than ever

Health data paints a rich picture of our lives. Even if you remove your name, date of birth and NHS number to “anonymise” yourself, a full health history will reveal your age, gender, the places where you have lived, your family relationships and aspects of your lifestyle.

Used in combination with other available information, this may be enough to verify that this medical history relates to you personally and to target you online. Consequently, whenever the NHS shares health data, even if it is anonymised, we need to have confidence in who it goes to and what they can do with it.

When data about us influences a credit rating or a hiring decision, we are unlikely ever to find out

Continue reading...
16 February 2020

IOTA cryptocurrency shuts down entire network after wallet hack

Hackers exploit vulnerability in official IOTA wallet to steal millions
15 February 2020

Second Windows 10 update is now causing problems by hiding user profiles

Botched Windows 10 KB4532693 update is hiding user profiles. Uninstalling update fixes problems.
15 February 2020

Martin and Dorothie Hellman on Love, Crypto & Saving the World

Martin and Dorothie Hellman on Love, Crypto & Saving the World Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making peace on Earth.
15 February 2020

Bluetooth LE devices impacted by SweynTooth vulnerabilities

BLE software kits from six chipset vendors impacted. More vendor names to be revealed soon.
15 February 2020

OpenSSH adds support for FIDO/U2F security keys

OpenSSH 8.2 adds support for authentication via FIDO/U2F protocols, most commonly used with hardware security keys.
14 February 2020

Phishing Campaign Targets Mobile Banking Users

Consumers in dozens of countries were targeted, Lookout says.
14 February 2020

Huawei Controversy Highlights 5G Security Implications

Huawei Controversy Highlights 5G Security Implications Security experts say that 5G supply chain concerns should be taken seriously – whether it’s in the context of Huawei or not.
14 February 2020

500 Malicious Chrome Extensions Impact Millions of Users

500 Malicious Chrome Extensions Impact Millions of Users The malicious Chrome extensions were secretly collecting users' browser data and redirecting them to malware-laced websites.
14 February 2020

There's finally a way to remove xHelper, the unremovable Android malware

Malwarebytes researchers find a way to remove the malware, but they still don't know how it really operates.
14 February 2020

Palm Beach Elections Office Hit with Ransomware Pre-2016 Election

Palm Beach County's elections supervisor does not believe the attack is linked to Russian hacking attempts targeting Florida.
14 February 2020