Items tagged with security

In late December, a major power outage killed utility services for a large swathe of people in the Western Ukraine. Shortly after the incident, a number of cyber security experts pointed the finger at hackers and claimed some nefarious digital activities took down the power grid, but nothing had been officially confirmed at the time.But now the U.S Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, is reporting that the outage was caused by a measured cyber-attack against Ukrainian critical infrastructure.An alert published on the ICS-CERT... Read more...
Security and related IT topics can be a little dry and tasteless at times, not to mention overly complex. There’s no question that, especially with the alarming rise of data breaches, advancing security innovation is vital to the future of technology, the enterprise and the Internet. But let’s face it, the rocket science behind security just isn’t that sexy—at least it wasn’t until we spoke to the team at ProtectWise. The company’s CEO, Scott Chasin, and CTO, Gene Stevens, both have roots going back to McAfee (sans bath salts), pre-Intel acquisition, with Chasin serving as CTO of McAfee up until... Read more...
If you've been skeptical of buying a connected car for fear that its technologies could be used against you, it won't help to learn that Nissan has suspended downloads of a companion app for its Leaf electric vehicle for that very reason. At issue is the woeful lack of security, and in particular the lack of authentication. Here's the deal—the accompanying NissanConnect app, which Leaf owners can install on their smartphones and connect to their car, only looks for the car's VIN. Security researchers Troy Hunt and Scott Helme brought the attention to light yesterday when they published their findings... Read more...
If you own a Nissan Leaf electric vehicle, you might want to take note of research conducted by Troy Hunt. More specifically, Hunt and fellow researcher Scott Helme were able to demonstrate that certain vehicle functions can be turned on and off remotely thanks to open and unauthenticated APIs that Nissan is using for its NissanConnect services. And this isn’t just some minor fault on the part of Nissan; it represents a spectacular failure of Nissan’s security protocols (or lack thereof) used in the NissanConnect EV app to connect with Leaf EVs via the Internet. “This API thing is just nuts. It's... Read more...
ASUS crafts some of the highest-performing and best-looking wireless routers on the market, but as far as the Federal Trade Commission (FTC) is concerned, it's also crafted some of the most insecure. The FTC alleges that ASUS put "hundreds of thousands" of users at risk because they were oblivious to some serious security holes that plagued the most important piece of equipment on their network. Some of these issues were tied to cloud software bundled with the router, but that's not all. The FTC mentions that bugs in some router control panels would allow attackers to change settings without the... Read more...
The greatest benefit wireless peripherals offer is what they help cut down on: wires. Fewer wires means that our desktops are easier to keep clean, and we're not kicking wires as often under our desk. It's a win-win overall. Or is it? As with most things convenient, wireless peripherals can suffer exploits just like anything else that's open to a wireless connection. While your keyboard is designed to handshake with an adapter that's plugged into your PC, there's usually nothing stopping the data stream from being intercepted. Though remote, no question, it could be a legitimate attack vector.... Read more...
Updated 2/20/2016 - 9:57PM: If there weren't such tragic events leading up to the unprecedented court case involving Apple, the FBI and DOJ, the whole San Bernardino iPhone government access affair might look like a complete comedy of errors at this point. The San Bernardino gunman's locked iPhone could indeed reveal information as to whether or not they acted alone or were supported by others. And it could offer a wealth of information beyond that, that could possibly even save lives some day in the future. However, the slippery slope of legal precedent that will be set, if Apple ever does give... Read more...
It's not often that people feel compelled to side with Google on the topic of privacy, but the company's newest CEO, Sundar Pinchai, gives us a great reason to. As Brandon covered in great detail yesterday, Apple has been ordered by U.S. Magistrate Judge Sheri Pym to provide the FBI access to an iPhone 5c that was used by the terrorists in December's San Bernardino shootings - but, there are a couple of problems with that. Apple insists that the backdoor the U.S. government wants doesn't exist, and CEO Tim Cook rages against the idea that his company should build one for any of its products. If... Read more...
A medical center located in Hollywood, California, paid hackers 40 bitcoins worth nearly $17,000 in U.S. currency to decrypt its files that were being held ransom. The ransom amount is far less than the $3.6 million that was being thrown around when news of the security breach went public, but is no less disheartening that those responsible were able to pull something like this off. Things went sour for Hollywood Presbyterian Medical Center when malware spread on its computer systems earlier this month. Known as ransomware, the malware encrypted critical files across the medical center's network,... Read more...
Could you go a full day without using your PC? It might not be all that difficult on a casual basis, but for workers at Hollywood Presbyterian Medical Center, they've had the challenge of servicing patients without the aid of any computer systems for over a week due to a malware outbreak and subsequent ransom demand.A local computer consultant said the ransom is in the neighborhood of 9,000 Bitcoins, which is about $3.6 million in U.S. currency. The hackers responsible likely chose Bitcoin as their payment method of choice because the cryptocurrency is anonymous and difficult to trace, especially... Read more...
It's easier than ever to protect data online and elsewhere. Encryption is ubiquitous and while it's impossible to insure that your data well-secured from the likes of the government, there's no excuse for not taking important steps to increase your own personal protection as much as possible. That latter is especially true when you consider the fact that the FBI has a seemingly unlimited amount of resources to "counter the threat" of encryption. Humorously, many people who use encryption aim to "counter the threat" of the FBI or other government agencies. And according to the agency's 2017 budget... Read more...
The term "IoT" has been floating around for a while and many who care about privacy have been put on high alert. "Internet of Things" devices can help make our lives better. They can allow us to change the temperature with our smartphones or even unlock doors. They could help us track vital stats during a workout. They can optimize the use of our solar power. All great things... but... they can also act as a proxy that allows governments to peer into our lives. Again, this threat is nothing new, but what makes its reality just a bit clearer is that someone in power in the spying... Read more...
In the fall of 2014, Google lost a valuable man: Andy Rubin. While Rubin had his hands in a number of important projects at the big G, none were more important than his creation of Android in 2003. Today, Android is the most widely-used mobile OS; one that's even making its way to convertible PCs. To call that particular project a success would be a gross understatement. We learned just two months ago that Rubin has eyed making a return to smartphones, something he hasn't talked too much about openly. What he has talked about, though, is dashcams. Yup -- Rubin sees the lowly dashcam as... Read more...
It seems certain that we've all managed to wind up on a website at some point in time that had misleading elements, such as fake download buttons. While piracy is going to be the first thing that springs to many minds when this kind of sketchiness is brought up, it's hardly exclusive to that area. Some websites that host completely legitimate software still have misleading advertising, and let's face it: we've been dealing with it for way too long. Well, if Google has its way, we're not going to have to worry about such misleading advertising in the future. Back in November, the company released... Read more...
Prev 1 2 3 4 5 Next ... Last