Month: February 2017

ComputerWorldIndependent

Hacker takes out dark web hosting service using well-known exploit

A hacker is proving that sites on the dark web, shrouded in anonymity, can easily be compromised.   

On Friday, the unnamed hacker began dumping a sizable database stolen from Freedom Hosting II onto the internet, potentially exposing its users.

The hosting service, Freedom Hosting II, was known for operating thousands of sites that were accessible through the Tor browser; the “dark web” is essentially the encrypted network comprising Tor servers and browsers. But on Friday, the service appeared to be down. Its main landing page was replaced with a message saying that it had been hacked.

Allegedly, Freedom Hosting II had been hosting child pornography sites, though its anonymous operator claimed to have a zero-tolerance policy toward such content, according to the hacker behind the breach.

FortinetSecurity

Watch Out For Fake Online Gaming Sites And Their Malicious Executables


Every year during holiday seasons, the number of phishing websites increases. This is particularly true for online gaming distribution platforms. In some cases, users not only have their login credentials stolen, but they also end up downloading and executing malicious executables. As expected, the more popular a platform is, the more targeted it will be, which is why this research blog focuses on two malware samples obtained from fake Origin and Steam websites.

Figure 1. Fake Origin phishing website

Origin Malware Sample

In addition…

FortinetSecurity

The Analysis of ISC BIND Response Authority Section RRSIG Missing DoS (CVE-2016-9444)


Domain Name System Security Extensions (DNSSEC) secures the Domain Name System (DNS), right? Yes, but that’s not the whole story. DNSSEC can also introduce trouble into your DNS server. Recently, a BIND bug caused by a missing RRSIG record, which is a part of DNSSEC, was fixed by a patch from the Internet Systems Consortium (ISC). This bug affects all versions of BIND recursive servers, and can cause a denial of service (DoS). This potential DoS vulnerability is caused by a RUNTIME CHECK error in Resolver.c when handling the DNS…

ComputerWorldIndependent

TV maker Vizio pays $2.2M to settle complaint that it spied on users

Popular smart TV maker Vizio will pay $2.2 million to settle complaints that it violated customers’ privacy by continuously monitoring their viewing habits without their knowledge.

Beginning in February 2014, the Irvine, California-based TV maker tracked what TV shows customers were watching on 11 million TV sets sold in the U.S., the Federal Trade Commission and the Office of the New Jersey Attorney General said in a complaint, released Monday.

Vizio smart TVs captured “second-by-second” information about video displayed, including video from consumer cable services, broadband, set-top boxes, DVDs, over-the-air broadcasts and streaming devices, according to the complaint.

ComputerWorldIndependent

Malware distributors switch to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users.

Last week, researchers from the Microsoft Malware Protection Center warned about a new wave of spam emails that carried malicious .LNK files inside ZIP archives. Those files had malicious PowerShell scripts attached to them.

PowerShell is a scripting language for automating Windows system administration tasks. It has been abused to download malware in the past and there are even malware programs written entirely in PowerShell.

ComputerWorldIndependent

Researchers’ quantum hacking machine may help protect against quantum computing hacks

There seems to be no form of computing which is safe from hacking, but some, such as the Chinese, have pinned their hopes on quantum computing having uncrackable communications. Yet University of Ottawa researchers have managed to build “the first high-dimensional quantum cloning machine capable of performing quantum hacking to intercept a secure quantum message.”

Last year, China launched the world’s first known quantum communications satellite; the Chinese believed its Quantum Experiments at Space Scale (QUESS) satellite was a step toward “creating an unhackable communications system.” While it may seem like the Canadian researchers have poked holes in the dream of secure quantum communications, the opposite may actually be true.
