Security News

Thousands of US voters' data exposed by robocall firm

ZDNet Zero Day - Wed, 07/18/2018 - 09:30
Each record contains a voter's name, address, and "calculated" political affiliation.
Categories: Security News

Defeating the iPhone Restricted Mode

Schneier on Security - Wed, 07/18/2018 - 06:25
Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift, which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it. There is an important lesson in this: security is hard. Apple Computer has one of the best security teams on the... Bruce Schneier
Categories: Security News

Tech giants, civil liberties coalition urges Congress to pass email privacy law

ZDNet Zero Day - Tue, 07/17/2018 - 13:14
Right now, the government can read your six-month-old emails without a warrant.
Categories: Security News

Installing a Credit Card Skimmer on a POS Terminal

Schneier on Security - Tue, 07/17/2018 - 06:20
Watch how someone installs a credit card skimmer in just a couple of seconds. I don't know if the skimmer just records the data and is collected later, or if it transmits the data back to some base station.... Bruce Schneier
Categories: Security News

Thousands of Mega logins dumped online, exposing user files

ZDNet Zero Day - Mon, 07/16/2018 - 15:39
Exclusive: Email addresses, passwords, and lists of file names were exposed.
Categories: Security News

Reasonably Clever Extortion E-mail Based on Password Theft

Schneier on Security - Mon, 07/16/2018 - 06:30
Imagine you've gotten your hands on a file of e-mail addresses and passwords. You want to monetize it, but the site it's for isn't very valuable. How do you use it? You convince the owners of the password to send you money. I recently saw a spam e-mail that ties the password to a porn site. The e-mail title contains... Bruce Schneier
Categories: Security News

Justice Dept. indicts 12 Russian spies over 2016 DNC hack

ZDNet Zero Day - Fri, 07/13/2018 - 11:06
The 12 indictments were sought by US special counsel Robert Mueller.
Categories: Security News

Ukraine blocks VPNFilter attack against core country water system

ZDNet Zero Day - Fri, 07/13/2018 - 06:41
Russia has been blamed for the cyberattack.
Categories: Security News

Gas Pump Hack

Schneier on Security - Fri, 07/13/2018 - 06:18
This is weird: Police in Detroit are looking for two suspects who allegedly managed to hack a gas pump and steal over 600 gallons of gasoline, valued at about $1,800. The theft took place in the middle of the day and went on for about 90 minutes, with the gas station attendant unable to thwart the hackers. The theft, reported... Bruce Schneier
Categories: Security News

Friday Squid Blogging: Antifungal Squid-Egg Coating

Schneier on Security - Thu, 07/12/2018 - 16:03
The Hawaiian bobtail squid coats its eggs with antifungal bacteria. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

IBM: A data breach will now cost your organization $3.86 million, if you're lucky

ZDNet Zero Day - Thu, 07/12/2018 - 07:30
There are hidden costs over time which make the bill far larger than you may expect.
Categories: Security News

WPA3

Schneier on Security - Thu, 07/12/2018 - 06:11
Everyone is writing about the new WPA3 Wi-Fi security standard, and how it improves security over the current WPA2 standard. This summary is as good as any other: The first big new feature in WPA3 is protection against offline, password-guessing attacks. This is where an attacker captures data from your Wi-Fi stream, brings it back to a private computer, and... Bruce Schneier
Categories: Security News

Another hack rocks cryptocurrency trading: Bancor loses $13.5 million

ZDNet Zero Day - Thu, 07/12/2018 - 04:54
The alleged hack has raised questions over the validity of the start-up's "decentralized" system.
Categories: Security News

​The return of Spectre

ZDNet Zero Day - Wed, 07/11/2018 - 13:48
Two new ways to assault computers using Spectre-style attacks have been discovered. These can be used against any operating system running on AMD, ARM, and Intel processors.
Categories: Security News

Department of Commerce Report on the Botnet Threat

Schneier on Security - Wed, 07/11/2018 - 06:08
Last month, the US Department of Commerce released a report on the threat of botnets and what to do about it. I note that it explicitly said that the IoT makes the threat worse, and that the solutions are largely economic. The Departments determined that the opportunities and challenges in working toward dramatically reducing threats from automated, distributed attacks can... Bruce Schneier
Categories: Security News

Adobe fixes over 100 vulnerabilities in latest security patch update

ZDNet Zero Day - Wed, 07/11/2018 - 05:25
The massive security update covers Flash, Acrobat, Connect, Experience Manager, and Reader.
Categories: Security News

Apple fixes iPhone crash bug whenever Taiwan was mentioned

ZDNet Zero Day - Tue, 07/10/2018 - 13:22
The bug is now fixed in iOS 11.4.1.
Categories: Security News

Recovering Keyboard Inputs through Thermal Imaging

Schneier on Security - Tue, 07/10/2018 - 06:18
Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it's interesting to think about the types of scenarios in which it might be pulled off. Abstract: As a warm-blooded mammalian species, we humans routinely leave thermal residues on various objects with which we come in... Bruce Schneier
Categories: Security News

BlackTech threat group steals D-Link certificates to spread backdoor malware

ZDNet Zero Day - Tue, 07/10/2018 - 05:16
The same certificate was used to sign legitimate D-Link software.
Categories: Security News

Do aliens feel the beat? Music sent into space for extraterrestrials to decode

ZDNet Zero Day - Tue, 07/10/2018 - 05:00
To mark its 25th anniversary, Barcelona's Sónar music festival launched a musical message beyond Earth's orbit.
Categories: Security News