GAO: US Federal Agencies Need to Fully Establish Risk Management Programs
by Business Insights , on 21.08.2019
There have been plenty — too many — breaches involving federal agencies over the years. Way back in 2006, a breach at the U.S. Department of Veterans Affairs affected 26.5 million people. In 2009, it was the National Archives and Records Administration that was hit and that breach affected 76 million. In one of the worst and most damaging breaches of all time, the U.S. Office of Personnel Management (OPM) affected 21.5 million federal employees and contractors, and breached the information included in security clearances, such as background investigation data and associated person data. Most recently, the U.S. Customs Agency fell victim to an attack and photos and other personal information collected by U.S. Customers and Border Patrol was leaked. read more
Tesla Owner Can Unlock, Start Car with Her Arm Thanks to Bio Hack
by Ionut ILASCU, from IoT Security Insights , on 21.08.2019
Technology already surrounds us and, increasingly, it is also finding its way inside of us. Amie Dansby, aka Amie DD, a software engineer and self-billed geek, has taken on a bio-hack project that lets her start a car using just her arm; no keyfob or other type of devices needed. Using an RFID chip in ... The post Tesla Owner Can Unlock, Start Car with Her Arm Thanks to Bio Hack appeared first on Bitdefender. read more
Study: Americans won’t vote for candidates who approve ransomware payments
by Filip TRUTA, from HotForSecurity , on 20.08.2019
Government officials’ decisions related to cybersecurity actively impact voting decisions among Americans, according to a recent study. Awareness about cyber-security among U.S. residents today so high that Americans are now using this knowledge as a factor in their decision making. New research by The Harris Poll reveals that 64% of registered voters will not vote [and#8230;] read more
D’oh! Apple botches iOS update, leaves iPhones open to jailbreaking
by Graham CLULEY, from HotForSecurity , on 20.08.2019
For the first time in years, hackers have created a working exploit that can jailbreak the latest, fully-updated version of iOS. And a goof by Apple has allowed them do it. The result? Millions of Apple iPhone and iPad users who thought they were doing the right thing by updating their devices to iOS 12.4 [and#8230;] read more
D-Link Will Make Its Devices More Secure as Part of FTC Lawsuit Settlement
by Ionut ILASCU, from IoT Security Insights , on 20.08.2019
The Federal Trade Commission’s stated mission is to protect users. The resolution of a long-standing litigation with smart home products manufacturer D-Link Systems Inc. shows the FTC is keeping its promise: buyers of D-Link connected devices will no longer be vulnerable to attacks. Or, at least, not as vulnerable as they are now. In 2017, ... The post D-Link Will Make Its Devices More Secure as Part of FTC Lawsuit Settlement appeared first on Bitdefender. read more
Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally
by Liviu ARSENE, from Bitdefender Labs , on 20.08.2019
Bitdefender researchers recently found and analyzed a worm-cryptominer combo that uses a series of exploits to move laterally and compromise victims. What makes it interest is that it pauses the resource-intensive cryptomining process if it finds popular games running on the victim’s machine. The investigation revealed that the worm-cryptominer has been constantly updated by its […] read more
20 month prison sentence for British hacker who made fortune helping SIM-swap fraudsters
by Graham CLULEY, from HotForSecurity , on 19.08.2019
A teenage British hacker has been sentenced to 20 months in prison after pleading guilty to selling hacking services and stolen personal data for cryptocurrency. 19-year-old Elliott Gunton was no stranger to the authorities, having previously been convicted in December 2016 for his role in the infamous hack of the telecoms firm TalkTalk. Gunton, 17 [and#8230;] read more
If there’s no ‘free lunch,’ how about free coffee?
by Ionut ILASCU, from IoT Security Insights , on 19.08.2019
With a couple of hours to spare earlier this year at a French underground event for hackers, security researcher Baptiste Robert opted for a cup of coffee from a vending machine. And a couple of hours was just enough time to get it – hacker style. When he saw he could pay by mobile phone ... The post If there’s no ‘free lunch,’ how about free coffee? appeared first on Bitdefender. read more
When it Comes to Application Security, Banks Pay Little Interest
by Business Insights , on 16.08.2019
One might think financial institutions, such as banks, would have formidable levels of application security. Unfortunately, if one thought that, one would be wrong. According to an analysis by application security vendor ImmuniWeb, a startling 97 out of 100 of the world’s largest banks are vulnerable to web and mobile attacks. read more
Report: Nashville company pays ex-employee ransom installments only to stall him until the cops make the bust
by Filip TRUTA, from HotForSecurity , on 15.08.2019
A global phone insurance and tech support company headquartered in Nashville, Tennessee has resorted to paying ransom to an alleged ex-staffer after receiving emails claiming he stole private info of thousands of employees and more than a million customers. As reported by the Tennessean, Asurion isn’t entirely sure the attacker is an disgruntled ex-employee. However, [and#8230;] read more
