cybersecurity


Despite embracing the government, DEF CON maintains its mischievous hacker roots


Raucous applause filled the large convention room inside Las Vegas’s Paris casino: the government had arrived.

Seated behind a table at the annual DEF CON conference in Las Vegas was Congressman Ted Lieu, and, joined by Rep. James Langevin of Rhode Island, he had come to ask a large crowd of hackers and security professionals for help. The once famously Fed-averse crowd was loving it.

But don’t get it twisted — DEF CON hadn’t gone soft. The mischievous and lawless side of this assemblage of the hacker community was out in full effect – assuming, that is, you knew where to look.  Read more…

Inviting the Man to your party

More about Hackers, Def Con, Tech, and Cybersecurity

He tried to prank the DMV. Then his vanity license plate backfired big time.


Everyone hates parking tickets. Not everyone, however, is an information security researcher with a mischievous side and a freshly minted vanity license plate reading “NULL.”

That would be Droogie (his handle, if that’s not obvious), a presenter at this year’s DEF CON hacking conference in Las Vegas and a man with a very specific problem: He’s on the receiving end of thousands of dollars’ worth of tickets that aren’t his. But don’t tell that to the DMV.

It wasn’t, of course, supposed to end up this way. In fact, exactly the opposite. Droogie registered a vanity California license plate consisting solely of the word “NULL” — which in programming is a term for a value of zero — for fun. And, he admitted to laughs, on the off chance it would confuse automatic license plate readers and the DMV’s ticketing system.  Read more…

More about Hackers, Def Con, Dmv, Tech, and Cybersecurity

Teenager finds educational software exposed millions of student records


Teenager Bill Demirkapi had been ghosted. Hard. “It didn’t feel good,” he explained to the large crowd gathered to hear him speak. “It hurt my feelings.” 

But Demirkapi, despite his status as a recent high-school graduate, wasn’t lamenting the traditional spurned-love problems typical of his cohort. Far from it. Instead, he was speaking at the famous DEF CON hacker conference in Las Vegas, and the ghoster-in-question was educational software maker Blackboard. 

Demirkapi had reported numerous vulnerabilities in Blackboard’s software to the company; after initially being in communication with him, the company stopped responding to his emails. But Demirkapi, who found he could access a host of student data — including family military status, weighted GPAs, and special education status — through vulnerabilities in Blackboard’s system, was undeterred.  Read more…

More about Hacking, Students, Def Con, Tech, and Cybersecurity

Turns out your office printer is a huge cybersecurity risk


Consider the office printer.

Massive, hulking things — the devices looming in the corner of workplaces around the world have come to represent untold hours of frustration in the form of printer jams and toner problems. According to security researchers set to present their findings this Saturday at the DEF CON hacking convention in Las Vegas, they also happen to be a cybersecurity nightmare. 

Daniel Romero Pérez and Mario Rivas Vivar, researchers at NCC Group, announced the discovery of major vulnerabilities on Thursday in name-brand printers made by the likes of Xerox, HP, Lexmark, Kyocera, Brother, and Ricoh. NCC Group shared some of the researchers’ findings with Mashable ahead of the aforementioned Aug. 10 talk, and they’re enough to elicit a serious double take. Read more…

More about Hackers, Printers, Def Con, Tech, and Cybersecurity

Cloudflare announces termination of 8chan’s service


Cloudflare has announced that it will terminate its protection of 8chan after the forum site was linked to another mass shooting over the weekend, tying the site’s “lawlessness” directly to “multiple tragic deaths.”

Pressure had mounted on the company to cease its service to 8chan, arguing that it enabled the spread of violent white supremacist rhetoric and the celebration of perpetrators of massacres. Manifestos or open letters by shooters including those responsible for the Christchurch, Poway, and El Paso shootings, all of which occurred in 2019, have been hosted on the mostly-unmoderated forums. Read more…

More about White Supremacy, 8chan, Cloudflare, Tech, and Cybersecurity

100 million Americans’ data accessed in massive Capital One hack


Well, this is not good. 

Finance services giant Capital One announced Monday that there had been a major cybersecurity incident directly affecting 100 million Americans and six million Canadians. Specifically, a host of their customers’ private financial data had been accessed by a hacker. 

According to a statement issued by the company, two separate breaches occurred — one on March 22 and another on March 23 — and were discovered on July 19.

Bloomberg reports that a Seattle woman has been arrested and accused of hacking Capital One’s server at an unnamed cloud-computing company.

Notably, it seems that although the customer data in question was encrypted, the hacker was able to decrypt it.  Read more…

More about Capital One, Data Breach, Tech, and Cybersecurity

Popular Mac apps caught harvesting users’ browsing data without consent


A number of applications on Apple’s Mac App Store are secretly gathering user data and uploading it to analytics servers.

Popular applications including Dr. Unarchiver, Dr. Cleaner, and others distributed by developer “Trend Micro, Inc.” collect and upload the user’s browser history from Safari, Google Chrome, and Firefox onto their servers via access to the macOS home directory.

These rogue apps will also collect data from other apps installed on the system, all of which is gathered the moment you launch them, according to 9to5Mac. The issue was originally spotted by a user on the Malwarebytes forum. Read more…

More about Cybersecurity, Mac Apps, Tech, and Cybersecurity

Hacker convention in Vegas is full of tin-foil hats. Literally.


What if they really are out to get you. 

If you spend enough time walking the Las Vegas casino floors, you’re sure to come across some unique sights. But scores of people sporting all shapes and sizes of literal tin-foil hats? Welcome to DEF CON.

The annual hacker convention currently underway in the Nevada desert draws a diverse crowd of professional and hobbyist security researchers from around the world. And, for the most part, they all share one defining characteristic: the desire to stick it to The Man. 

Which, well, that specific proclivity just might end up making you a target. Read more…

More about Hackers, Def Con, Tech, and Cybersecurity

These stoner hackers want machine learning to save us from sick weed


Nothing harshes a good mellow like sick buds. Thankfully, there may one day be an app for that. 

Hidden from the hazy Friday afternoon of Las Vegas, tucked away in the basement of the Flamingo casino, a group of like-minded hackers and security researchers gathered to explore “DIY cannabis tech” at DEF CON’s Cannabis Village. One researcher in particular, Harry Moreno, told the rather laid-back crowd that he believed that machine learning could one day solve a huge problem for home-grow enthusiasts: determining whether or not, and in what capacity, a marijuana plant is sick.

More about Marijuana, Machine Learning, Def Con, Tech, and Cybersecurity

Box that unlocks iPhones is the hottest new gadget for police


Law enforcement agencies — despite protests from privacy advocates — have long lobbied to get access to your smartphone.

Now a mysterious U.S. startup called Grayshift — which reportedly has an ex-Apple security engineer on staff — is providing iPhone unlocking tools to cops, according to Motherboard.

GrayKey is a box that measures four by four inches wide, and features two Lightning cables at the front, as per a post by security software company Malwarebytes. 

According to Forbes, Grayshift claims the device only works with iOS 10 and 11, with iOS 9 compatibility slated for the future. Devices ranging from the iPhone X to the 6 are supported, as are various iPad models. Read more…

More about Apple, Iphone, Cybersecurity, Fbi, and Law Enforcement

Crunch Report | HBO NOW Passes 2 Million Subscribers

HBO NOW passes 2 million subscribers, Trident Capital Cybersecurity raises a $300 million fund, Pinterest adds new visual search features and Y Combinator now takes recommendations from anyone. All this on Crunch Report! Read More


Google’s bug bounty program pays out $3 million, mostly for Android and Chrome exploits

If you’re willing to hunt for flaws within its vast array of software and services, Google’s happy to pay up. Over the course of its 2016 Vulnerability Rewards Program, the company paid out $3 million—a third of the total $9 million that enthusiastic researchers have earned since the initiative, more colloquially known as a bug bounty program, launched in 2010. The… Read More


Trump to sign yet another trash executive order, this time on 'the cyber'

‘President’ Donald Trump is expected to sign an executive order addressing cybersecurity today, Reuters reports in an item that cites “two sources familiar with the situation.” The EO is expected to be Trump’s first action to address what he called a top priority of his administration during the Presidential campaign.

(more…)


What your security scientists can learn from your data scientists to improve cybersecurity

Security remains one of the top unresolved challenges for businesses. Billions of dollars have been spent on security technology over the last 30 years, yet hackers seem to be more successful than ever. Every organization is now under extreme threat, all the time. Here are some lessons that data scientists have learned and to which security professionals need to pay attention. Read More


Secret Double Octopus nabs $6M for a stronger, easier alternative to regular 2FA

Israel is home to around 450 active startups in the field of cybersecurity, according to a recent report in Reuters. Now, the one with perhaps the most distinctive name of them all is announcing some funding for a novel approach to authentication. Secret Double Octopus — which borrows a concept from the world of nuclear launch codes to build extra-secure, but simple, keyless… Read More


Recommendations on cyber security for the 45th president… Use more hackers

2016 was an extraordinary year. A record number of security breaches affected billions of people worldwide, including cyber attacks that dramatically impacted the course of businesses and governments. The United States, the world’s most connected nation, and the rest of the world will face a deficit of 1.5 million cyber professionals over the next five years whose jobs are essential… Read More
