The Race to Hide Your Voice
Credit to Author: Matt Burgess| Date: Wed, 01 Jun 2022 11:00:00 +0000
Voice recognition—and data collection—have boomed in recent years. Researchers are figuring out how to protect your privacy.
Read MoreComputer Security Articles
RSS Reader for Computer Security Articles
Security
Why Industry 4.0 must think more like Apple
Credit to Author: Jonny Evans| Date: Tue, 31 May 2022 12:16:00 -0700
For industrial applications, the Internet of Things risks becoming the Internet of Thieves. Perhaps industries making use of connected solutions should take a leaf out the Apple book and lock down their infrastructure.
What the ethical hackers say
As digital processes become deeply embedded across every industry, it makes sense that industrial control systems were tested at this year’s Pwn2Own contest. Hackers were asked to seek out vulnerabilities in industrial software and systems.
Contest winners Daan Keuper and Thijs Alkemade found that once they managed to break into the IT networks used at these companies, it was “relatively easy” to then cause havoc with systems and equipment.
You Need to Update iOS, Chrome, Windows, and Zoom ASAP
Credit to Author: Kate O’Flaherty| Date: Tue, 31 May 2022 11:00:00 +0000
Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws.
Read MoreGoogle’s open-source security move may be pointless. In a perfect world, it should be.
Credit to Author: Evan Schuman| Date: Tue, 31 May 2022 02:30:00 -0700
One of the bigger threats to enterprise cybersecurity involves re-purposed third-party code and open-source code, so you’d
think Google’s Assured Open Source Software service would be a big help.
Think again.
Here’s Google’s pitch: “Assured OSS enables enterprise and public sector users of open source software to easily incorporate the same OSS packages that Google uses into their own developer workflows. Packages curated by the Assured OSS service are regularly scanned, analyzed, and fuzz-tested for vulnerabilities; have corresponding enriched metadata incorporating Container/Artifact Analysis data; are built with Cloud Build including evidence of verifiable SLSA-compliance; are verifiably signed by Google; and are distributed from an Artifact Registry secured and protected by Google.”
Good Luck Not Accidentally Hiring a North Korean Scammer
Credit to Author: Lily Hay Newman| Date: Mon, 30 May 2022 11:00:00 +0000
DPRK hackers are tricking their way into jobs with western firms. A US government alert reminds employers they’re on the front lines—and potentially on the hook.
Read MoreDuckDuckGo Isn’t as Private as You Think
Credit to Author: Andy Greenberg| Date: Sat, 28 May 2022 13:00:00 +0000
Plus: A $150 million Twitter fine, a massive leak from a Chinese prison in Xinjiang, and an ISIS plot to assassinate George W. Bush.
Read MoreWhat Do Those Pesky ‘Cookie Preferences’ Pop-Ups Really Mean?
Credit to Author: Dorri Olds| Date: Fri, 27 May 2022 12:00:00 +0000
We asked the engineer who invented cookies what they mean and how to handle them.
Read MoreGoogle Urged to Stop Tracking Location Data Ahead of Roe Reversal
Credit to Author: Jon Brodkin, Ars Technica| Date: Thu, 26 May 2022 18:00:00 +0000
Lawmakers argue Android phone data could be “weaponized against women” if the US Supreme Court officially overturns abortion protections.
Read More