-
+22 +1
U.S. No Fly list shared on a hacking forum, government investigating
A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' has been shared publicly on a hacking forum. BleepingComputer has confirmed the list is the same TSA No Fly list that was discovered recently on an unsecured CommuteAir server.
-
+25 +1
The US government is building an AI sandbox to tackle cybercrime
CAP-M AI will be used to test and learn about cyberthreats
-
+31 +1
Here's how to remotely takeover a Ferrari...account, that is
Multiple bugs affecting millions of vehicles from almost all major car brands could allow miscreants to perform any manner of mischief — in some cases including full takeovers — by exploiting vulnerabilities in the vehicles' telematic systems, automotive APIs and supporting infrastructure, according to security researchers.
-
+22 +1
Major security flaws found in Mercedes, Ferrari and other top luxury cars
Major security flaws have been found in Mercedes, Ferrari, and other top luxury cars which could have allowed threat actors to steal the owners’ personally identifiable information, track their vehicles, and in some cases - even unlock and start the cars. Almost two-dozen car brands were affected by the flaws, including top brands such as BMW, Roll Royce, Mercedes-Benz, Ferrari, Porsche, Jaguar, Land Rover, Ford, KIA, Honda, Infiniti, Nissan, Acura, Hyundai, Toyota, and Genesis.
-
+21 +1
The Password Isn’t Dead Yet. You Need a Hardware Key
IN AUGUST, THE internet infrastructure company Cloudflare was one of hundreds of targets in a massive criminal phishing spree that succeeded in breaching numerous tech companies. While some Cloudflare employees were tricked by the phishing messages, the attackers couldn't burrow deeper into the company's systems.
-
+22 +1
TikTok banned on government devices under spending bill passed by Congress
Congress passed a large spending package that includes a bill banning TikTok from being used on government devices and new filing fees for mergers.
-
+20 +1
Anker’s Eufy deleted these 10 privacy promises instead of answering our questions
It’s been two weeks since we reported that Anker’s Eufy lied to us about the security of its security cameras, and we’ve been pushing the company for answers ever since. But the company hasn’t answered a single one of our questions — in fact, I haven’t gotten a single reply since December 1st. Today, on a whim, I thought I’d take a peek at Eufy’s website... maybe find some answers there? Instead, I found that Anker has quietly scrubbed all of its most promising privacy promises from its “privacy commitment” page. It got nerfed — hard.
-
+26 +1
Monitoring you based on the features of your face
Is the Government Monitoring you based on the features of your face? The goal of developing facial recognition software is to usher in a new era in which every person who goes out into public spaces may be identified, followed, and filmed as they go about their everyday routines. The government and its business partners are able to identify people and follow their activities in real-time with the use of face recognition technology. This technology works in conjunction with the widespread use of surveillance cameras around the nation.
-
+22 +1
TikTok: Would the US really ban one of the world's most popular apps?
Democrats and Republicans don't agree on much these days, but have joined forces to unveil bipartisan legislation that would ban TikTok across the US. Representatives on both sides of the political divide in the House of Representatives and Senate have spoken out against what they perceive as a threat to national security.
-
+20 +1
Google researchers warn millions of Android devices prone to hacking due to GPU bug
Google's Project Zero team said it had alerted the chip designer ARM about the GPU bug, and the British chip designer had fixed those vulnerabilities.
-
+15 +1
Iran-backed hackers breached a US federal agency that failed to patch year-old bug
CISA says organizations that haven't yet patched VMware systems against Log4Shell should "assume" that they've already been breached.
-
+10 +1
Kaspersky to kill its VPN service in Russia next week
Kaspersky is stopping the operation and sales of its VPN product, Kaspersky Secure Connection, in the Russian Federation, with the free version to be suspended as early as November 15, 2022. As the Moscow-based company informed on its Russian blog earlier this week, the shutdown of the VPN service will be staged, so that impact on customers remains minimal.
-
+19 +1
40% of traffic to ecommerce sites comes from bots raising cyber security threat level
While consumers may be looking to scam retailers as the cost of living crisis deepens, cyber criminals are also on the rampage through the sector, with a range of automated threats – from account takeover, credit card fraud, web scraping, API abuses, Grinch bots and distributed denial of service (DDoS) attacks – all becoming a persistent challenge for the eCommerce industry, threatening online sales and customer satisfaction.
-
Analysis+13 +1
People Still Think Their Smart Speakers Are Eavesdropping on Conversations
In short, they’re not. But a new Chubb report finds increasing cyber anxiety, as well as people clinging to bad security habits. (Seriously, that ‘keepsake password’ has to go.)
-
+10 +1
French-speaking crooks stole $30m in bank cyber-heist spree
A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers.
-
+24 +1
Passkeys—Microsoft, Apple, and Google’s password killer—are finally here
For years, Big Tech has insisted that the death of the password is right around the corner. For years, those assurances have been little more than empty promises. The password alternatives—such as pushes, OAUTH single-sign ons, and trusted platform modules—introduced as many usability and security problems as they solved. But now, we’re finally on the cusp of a password alternative that’s actually going to work.
-
+31 +1
Linux dodges serious Wi-Fi security exploits
What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way.
-
+17 +1
U.S. FCC set to ban all U.S. sales of Huawei, ZTE equipment
The U.S. Federal Communications Commission plans to ban all sales of Huawei and ZTE telecommunications equipment in the United States on national security grounds, news website Axios reported on Thursday, citing sources familiar with the matter.
-
+21 +1
What the Securing Open Source Software Act does and what it misses
The US government is recognizing the importance of open-source software. But is it ready for what's needed?
-
+19 +1
Yes, you should monitor your remote workers – but not because you don’t trust them
Should you be monitoring your work-from-home employees? Yes, but not for the reasons you might suspect. According to a recent report in the New York Times, eight of the 10 largest private US employers are using software and other technologies to track the productivity of their employees in the office and at home.
Submit a link
Start a discussion