Security News

Google open-sources project for sandboxing C/C++ libraries on Linux

ZDNet Zero Day - Mon, 03/18/2019 - 20:16
Support for other programming languages to be added in future releases.
Categories: Security News

Hacked tornado sirens taken offline in two Texas cities ahead of major storm

ZDNet Zero Day - Mon, 03/18/2019 - 18:01
City officials took hacked tornado sirens offline ahead of major storm. Luckily, they weren't needed.
Categories: Security News

New Mirai malware variant targets signage TVs and presentation systems

ZDNet Zero Day - Mon, 03/18/2019 - 12:22
Security researchers spot new Mirai botnet with an enhanced arsenal of IoT exploits.
Categories: Security News

CAs Reissue Over One Million Weak Certificates

Schneier on Security - Mon, 03/18/2019 - 06:23
Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half the required entropy. This really isn't... Bruce Schneier
Categories: Security News

Is it still a good idea to publish proof-of-concept code for zero-days?

ZDNet Zero Day - Mon, 03/18/2019 - 06:23
Time and time again, the publication of PoC code for zero-days and recently patched security bugs often helps hackers more than end-users.
Categories: Security News

UK code breakers release Enigma war machine simulator

ZDNet Zero Day - Mon, 03/18/2019 - 05:44
You can also try out Bombe and Typex code-cracking for yourself.
Categories: Security News

Round 4: Hacker returns and puts 26Mil user records for sale on the Dark Web

ZDNet Zero Day - Sun, 03/17/2019 - 13:15
Gnosticplayers returns with new user records, most of which he obtained by hacking companies last month.
Categories: Security News

Microsoft releases Application Guard extension for Chrome and Firefox

ZDNet Zero Day - Sun, 03/17/2019 - 11:43
Extensions only available for Windows Insiders for now. To work for everyone once Windows 10 19H1 is live.
Categories: Security News

Dutch hacker who DDoSed the BBC and Yahoo News gets no jail time

ZDNet Zero Day - Sat, 03/16/2019 - 21:59
Hacker used a Mirai botnet to DDoS companies and ask for ransoms to stop attacks.
Categories: Security News

Android Q to get a ton of new privacy features

ZDNet Zero Day - Sat, 03/16/2019 - 11:44
Coming to Android Q: MAC address randomization, new location data permission popup, no more clipboard sniffing.
Categories: Security News

Fujitsu wireless keyboard model vulnerable to keystroke injection attacks

ZDNet Zero Day - Fri, 03/15/2019 - 18:53
There are slim chances that Fujitsu will release a patch.
Categories: Security News

Friday Squid Blogging: A Squid-Related Vacation Tour in Hawaii

Schneier on Security - Fri, 03/15/2019 - 16:24
You can hunt for the Hawaiian bobtail squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

Database leaks 250K legal documents, some marked 'not designated for publication'

ZDNet Zero Day - Fri, 03/15/2019 - 15:15
Database taken down two weeks later. Owner never identified.
Categories: Security News

I Was Cited in a Court Decision

Schneier on Security - Fri, 03/15/2019 - 14:38
An article I co-wrote -- my first law journal article -- was cited by the Massachusetts Supreme Judicial Court -- the state supreme court -- in a case on compelled decryption. Here's the first, in footnote 1: We understand the word "password" to be synonymous with other terms that cell phone users may be familiar with, such as Personal Identification... Bruce Schneier
Categories: Security News

Upcoming Speaking Engagements

Schneier on Security - Fri, 03/15/2019 - 14:15
This is a current list of where and when I am scheduled to speak: I'm teaching a live online class called "Spotlight on Cloud: The Future of Internet Security with Bruce Schneier" on O'Reilly's learning platform, Thursday, April 4, at 10:00 AM PT/1:00 PM ET. The list is maintained on this page.... Bruce Schneier
Categories: Security News

Microsoft to fix 'novel bug class' discovered by Google engineer

ZDNet Zero Day - Fri, 03/15/2019 - 12:00
Fixes to be included with Windows 10 19H1, scheduled for release in a few weeks.
Categories: Security News

Critical Flaw in Swiss Internet Voting System

Schneier on Security - Fri, 03/15/2019 - 09:44
Researchers have found a critical flaw in the Swiss Internet voting system. I was going to write an essay about how this demonstrates that Internet voting is a stupid idea and should never be attempted -- and that this system in particular should never be deployed, even if the found flaw is fixed -- but Cory Doctorow beat me to... Bruce Schneier
Categories: Security News

'100 unique exploits and counting' for latest WinRAR security bug

ZDNet Zero Day - Fri, 03/15/2019 - 07:41
As expected, the recent WinRAR vulnerability is now being abused en-masse by multiple threat actors.
Categories: Security News

Facebook debuts AI tool to tackle revenge porn

ZDNet Zero Day - Fri, 03/15/2019 - 07:00
A new support service has also been launched to tackle the spread of intimate images without consent.
Categories: Security News

Former Mt. Gox CEO found guilty of record tampering, but likely to avoid prison

ZDNet Zero Day - Fri, 03/15/2019 - 04:24
Mark Karpeles has been found guilty of fiddling accounts but not embezzlement in the Mt. Gox case.
Categories: Security News