Throwback Thursday: Bank error in your favor, collect $100,000

Credit to Author: Sharky| Date: Thu, 05 Dec 2019 03:00:00 -0800

It’s the late 1980s, and this pilot fish is working as a teller at small suburban bank with a few branches.

“Automation is catching on, but slowly,” says fish. “We have terminals to process deposits, withdrawals and money orders — but at the end of the day, the branch manager still takes our totals and enters them into a handwritten ledger.”

The terminals use a text-based menu for everything, but for some operations that require a manager’s approval — say, printing a cashier’s check — the manager must walk over, hold down an override key and type in a password to let the teller access the check-printing menu.

Fish notices that the console beeps now and then during the password process. But it doesn’t happen every time, and there’s no pattern he can detect.

To read this article in full, please click here

Read more

The iPhone 11 Pro’s Location Data Puzzler

Credit to Author: BrianKrebs| Date: Wed, 04 Dec 2019 03:51:15 +0000

One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company’s own privacy policy.

Read more

Microsoft Patch Alert: November patches behave themselves – with a few exceptions

Credit to Author: Woody Leonhard| Date: Tue, 03 Dec 2019 10:29:00 -0800

What a relief. The only major patching problem for November came from Office, not Windows. We had a handful of completely inscrutable patches – including two .NET non-security previews that apparently did nothing – but that’s the worst of it.

November saw the last security patch for Win10 version 1803. Win10 version 1909 got released, gently. We also had a much-hyped “exploited” zero-day security hole in Internet Explorer (again) that didn’t amount to a hill of beans (again).

To read this article in full, please click here

Read more

How blockchain will kill fake news (and four other predictions for 2020)

Credit to Author: Lucas Mearian| Date: Mon, 02 Dec 2019 03:00:00 -0800

As blockchain’s hype cycle continues to befuddle many about its potential beyond  cryptocurrencies, businesses and governments are moving ahead with projects involving everything from digital identities to voting and supply chain tracking.

Blockchain has slipped into the “Trough of Disillusionment” (see Gartner Hype Cycle), because it got ahead of its technical and operational maturity. As a result, interest has waned as most experiments and implementations failed to provide expected results.

To read this article in full, please click here

Read more

Apple confirms HomeKit-secured CCTV and router systems

Credit to Author: Jonny Evans| Date: Wed, 27 Nov 2019 06:14:00 -0800

Apple has at last confirmed which routers and smart home security systems will support the HomeKit Secure Video and HomeKit-enabled routers systems it introduced in iOS 13.

Safe as houses?

HomeKit Secure Video and HomeKit-enabled routers patch two of the bigger gaps in smart home security coverage: they give users strong control over who can access video captured in your home and also provide a welcome additional barrier against hackers and others attempting to break into home networks via the router.

To read this article in full, please click here

Read more

It’s Way Too Easy to Get a .gov Domain Name

Credit to Author: BrianKrebs| Date: Wed, 27 Nov 2019 02:08:55 +0000

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own .gov domain.

Read more

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Credit to Author: BrianKrebs| Date: Tue, 26 Nov 2019 13:32:21 +0000

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different compromised restaurant chains that are most prevalent across the midwest and eastern United States.

Read more