KM

3,157 Added | 1 Magazine | 1 Like | 1 Following | 44 Followers | @KM1a4br | Keep up with KM on Flipboard, a place to see the stories, photos, and updates that matter to you. Flipboard creates a personalized magazine full of everything, from world news to life’s great moments. Download Flipboard for free and search for “KM”

Air Force security hackathon leads to record payout

The US Air Force's second security hackathon has paid dividends... both for the military and the people finding holes in its defenses. HackerOne has revealed the results of the Hack the Air Force 2.0 challenge from the end of 2017, and it led to volunteers discovering 106 vulnerabilities across …

Hackathons

Electric Vehicles May Raise India’s Risk of Cyber-Security Breaches

India’s dependence on imported components for electric vehicles could make the country vulnerable to cyber-security breaches, according to the …

NITI Aayog

macOS May Lose Data Due to APFS Filesystem Bug

Under certain conditions, macOS may copy data into the void, leading to data loss of important files, all due to a bug in how the operating system …

Information Security

MeltdownPrime and SpectrePrime: Researchers nail exploits

Research from authors with affiliations that include Princeton and NVIDIA has drawn interest with their paper, "MeltdownPrime and SpectrePrime: …

Information Security

Hacker Group Makes $3 Million by Installing Monero Miners on Jenkins Servers

A hacker group has made over $3 million by breaking into Jenkins servers and installing malware that mines the Monero cryptocurrency.<p>Hackers are …

Information Security

Malicious cyber activity cost U.S. up to $109 billion in 2016: White House report

WASHINGTON (Reuters) - Malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016, the White House Council of Economic Advisers estimated in a report on Friday.<p>The report quoted the U.S. intelligence community as saying the main foreign culprits responsible for much …

Cybersecurity

The State of Ransomware: Attacks Up, Payments Down as Firms Fight Back

Ransomware isn’t going away. As noted by Infosecurity Magazine, European small and midsize businesses (SMBs) paid out almost $100 million last year …

Kaspersky Lab

Google Discloses Microsoft Edge Security Feature Bypass

Google has gone public with details about a Microsoft Edge vulnerability that attackers could abuse and bypass one of the browser's security features …

Information Security

State elections officials fret over cybersecurity threats

State elections officials said Saturday that they want more information from federal officials to ensure they are protected from cybersecurity threats in light of evidence that foreign operatives plan to try to interfere in the midterm elections.<p>At a conference of state secretaries of state in …

Cybersecurity

'China's gift to Africa': How China spied on the African Union via donated computers

For a period of 5 years, China continued to spy on all electronic communications at the African Union’s headquarters in Addis Ababa, Ethiopia. The Chinese spy operation continued throughout this period without being detected until some network administrators at the AU’s headquarters discovered it …

Addis Ababa

How to keep scammers from stealing your phone number

Because once they have it, your bank account may be at risk as well.<p>Last week, some T-Mobile customers -- including a CNET staffer -- received a strange text message:<p>Alarming, no? Was the text from T-Mobile proper, or was it a form of phishing -- an attempt to get you to visit a malicious web …

Identity Theft

Amazon AWS Cloud Leak: 119,000 FedEx Customer Records

FedEx customer identification records recently were discovered on an unsecured Amazon Simple Storage Service (S3) cloud server, according to Kromtech …

Cloud Computing

How security became more important than convenience

Since the dawn of infosec, the belief that we users are a group of dullard cattle who blindly trade our own security for convenience at every turn has been trumpeted by the stewards of IT and the infosec-arrogant, while bolstered by old research.<p>Not anymore, says a new in-depth study from IBM on …

Information Systems

Intel currently facing 32 class-action lawsuits for Spectre and Meltdown

Yesterday, Intel expanded its bug bounty program to catch more issues like the extensive Meltdown and Spectre CPU flaws, but that was too little, too late for some chip owners. We knew three class-action lawsuits were filed in early January days after the vulnerabilities were publicized, but …

Class Action

How To: Use U2F Security Keys on Your Smartphone to Access Your Google Account with Advanced Protection

Security-minded users can reduce the risk of phishing by enabling Advanced Protection on important Google accounts, requiring a U2F security token to …

White Hat

Cyber attacks reportedly cost the US as much as $109 billion in 2016

Cyber attacks are increasingly becoming a fact of life. North Korea attacked aerospace and telecom networks last year. Olympics officials confirmed a recent attack that took place during the opening ceremonies. While Russia denied its involvement in the devastating NotPetya attacks, the US has …

Cybersecurity

FedEx Customer Data Exposed on Unsecured S3 Server

Thousands of documents from US and international citizens were exposed on an Amazon S3 bucket configured for public access.<p>Data belonging to …

Information Security

Microsoft is distributing security patches through insecure HTTP links

The Microsoft Update Catalog uses insecure HTTP links – not HTTPS links – on the download buttons, so patches you download from the Update Catalog …

IT security

Are your favorite websites mining Bitcoin? Here's how to find out

Some websites might be using your CPU to mine cryptocurrencies like Bitcoin without your knowledge.<p>Mining of cryptocurrencies like Bitcoin can be lucrative. But there's a catch: it requires time and a lot of computing power. If you could somehow spread those computing demands out among hundreds — …

Cryptocurrency

Siemens Leads Launch of Global Cybersecurity Initiative

The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.<p>ICS/SCADA giant Siemens, along with …

Information Security

A Hacker Has Wiped a Spyware Company’s Servers—Againp

"I don't want to live in a world where younger generations grow up without privacy."<p>Last year, a vigilante hacker broke into the servers of a company that sells spyware to everyday consumers and wiped their servers, deleting photos captured from monitored devices. A year later, the hacker has done …

Security

How to Conduct a Mobile Security Risk Assessment

As security threats and mobile devices evolve, IT departments and organizations constantly need to audit their mobile security needs and internal …

Information Security

Russian Hackers Sentenced in Heartland Payment Systems Breach Case

Two more men involved in the massive payment card theft from multiple major US corporations that began in 2007 now sent to federal prison.<p>It's been …

Information Security

Intel facing 32 lawsuits over Meltdown and Spectre CPU security flaws

Shareholders also allege insider trading<p>Intel has revealed today that the company is facing at least 32 lawsuits over the Meltdown and Spectre CPU flaws. “As of February 15, 2018, 30 customer class action lawsuits and two securities class action lawsuits have been filed,” says Intel in an SEC …

Computer Science

Hackers are using Google Play Store apps to secretly mine cryptocurrency on your Android phone

Sophos identified 19 apps in the Google Play Store that mine the cryptocurrency Monero<p>19 Android apps that secretly mine the cryptocurrency Monero …

Google Play

Siemens builds consortium of powerhouses for a community of cyber trust

Siemens has formed a consortium of giant companies to form a community of trust to build greater cyber security. The major industrial and tech allies in the consortium include Airbus, Allianz, Daimler Group, IBM, MSC, NXP, SGS, and Deutsche Telekom.<p>Those companies believe that cybercrime is getting …

Cybersecurity

Meltdown-Spectre flaws: We've found new attack variants, say researchers

Intel and AMD may need to revisit their microcode fixes for Meltdown and Spectre.<p><i>Video: Fake Meltdown-Spectre patch emails hiding Smoke Loader malware</i><p>…

Information Security

North Korea-Linked Cyberattacks Spread Out of Control: Report

New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors …

Information Security

Raw sockets backdoor gives attackers complete control of some Linux servers | Ars Technica

"Chaos" gives attackers, and follow-on attackers, full control over infected boxes.<p>A stealthy backdoor undetected by antimalware providers is giving …

Information Security

How To: Hack Your Neighbor with a Post-It Note, Part 2 (Setting Up the Attack)

In the previous article in this short series, we learned how to find our neighbor's name using publicly accessible information and how to monitor …

Linux