cybersecurity

Auto Added by WPeMatico

Unlock American Netflix with this discounted VPN

Unlock American Netflix with this discounted VPN

TL;DR: A three-year subscription to Surfshark VPN is on sale for £54.81 as of July 13, saving you 83% on list price.


Whether you’re a remote worker regularly using public WiFi networks, a gamer who stays connected around the clock, or just an average Netflix binger, your private data is vulnerable to trackers and hackers every time you sign online. How else would targeted ads match that bizarre product you and your friends were just talking about? It’s all good, though. You can easily block those prying eyes and protect your data with a virtual private network (VPN).

If you haven’t already armed yourself with a VPN or you’re not happy with the one you have, this is your lucky day. This three-year subscription to Surfshark VPN is currently on sale for over 80% off and offers all you need to stay safe online, and then some. Read more…

More about Cybersecurity, Data Privacy, Mashable Shopping, Shopping Uk, and Uk Deals

Secure a lifetime subscription to this VPN for just £30

Secure a lifetime subscription to this VPN for just £30

TL;DR: A lifetime subscription to KeepSolid VPN Unlimited is on sale for £30 as of July 10, saving you 85% on list price.


Don’t have a VPN? Here’s your cue: get one now before it’s too late. 

Sorry not sorry for waxing dramatic, but if you’ve seen shows like Black Mirror and Mr. Robot, then you’re aware of the possibility that society is morphing into a tech dystopia in which it’s always open season on your digital privacy. 

KeepSolid VPN Unlimited is offering a great deal on a lifetime subscription, bringing the price down to just £30. It’s always a good time to get a VPN, but there is truly no better time than when one goes on sale. Read more…

More about Cybersecurity, Mashable Shopping, Shopping Uk, Uk Deals, and Tech

These bears work quietly to protect your online privacy

These bears work quietly to protect your online privacy

TL;DR: A two-year subscription to TunnelBear VPN is on sale for £3.38 per month, saving you 58% on list price.


We like to imagine that TunnelBear VPN is run by lots of hardworking bears, all doing everything they can to ensure your online security and data privacy. It’s probably not the case, but they do feature heavily on TunnelBear’s site and interface, so that’s something.

TunnelBear is one of the most popular VPN providers, and that’s probably partly down to the cute bears that pop up everywhere. It’s also due to the range of advanced security features offered by the service, including easy-to-use apps, strong encryption, and fast connection speeds. Read more…

More about Cybersecurity, Mashable Shopping, Shopping Uk, Uk Deals, and Tunnelbear

What’s so important about a VPN kill switch?

What's so important about a VPN kill switch?

TL;DR: A two-year subscription to PureVPN is on sale for £2.33 per month, saving you 74% on list price.


The list of features offered by VPN providers is long and growing, but some are more important than others. Sure, server location and connection speed is important, but these things don’t impact your privacy and security.

If online security is your priority, you should be looking out for things like a kill switch. This  terminates your internet connection if the VPN disconnects, so that your identity isn’t exposed. It’s a vital second layer of protection, and it’s something every VPN service should provide. Read more…

More about Cybersecurity, Mashable Shopping, Shopping Uk, Uk Deals, and Purevpn

This is the only VPN that heavily features bears

This is the only VPN that heavily features bears

TL;DR: A two-year subscription to TunnelBear VPN is on sale for £3.38 per month, saving you 58% on list price.


VPNs help you to browse, stream, and work securely by protecting your online traffic with an encrypted tunnel. That might sound a little complicated, but it’s really not.

It simply means that all your data and personal information is safeguarded, so nobody can see what you’re doing or where you’ve been. These services are becoming more and more popular as remote working has become a necessity.

There are plenty of top providers to consider, but TunnelBear stands out from the crowd for two reasons. For starters, it’s one of the few services to offer a genuinely free service. You are limited to 500MB of secure browsing with a free plan, but this should be more than enough to properly give the service a try. Secondly, TunnelBear is the only VPN to heavily feature bears all over its site and interface, which is key. Read more…

More about Cybersecurity, Streaming, Working From Home, Shopping Uk, and Uk Deals

Take the stress out of working from home

Take the stress out of working from home

TL;DR: An 18-month subscription to ZenMate VPN is on sale for £1.99 per month, saving you 79% on list price.


Working from home can be stressful. It doesn’t matter how many cushions, blankets, and other assorted soft things you have around you. It’s still stressful.

There are services you can invest in that can make the whole working from home thing a little more bearable. The first is a VPN, as these services protect your data and sensitive information, with apps for all your devices.

Your security is one less thing to worry about with a VPN, and ZenMate VPN is one of the cheapest services on offer. So you don’t need to worry about spiraling costs either. An 18-month plan is currently on sale for just £1.99 per month, saving you 79% on list price. Read more…

More about Cybersecurity, Mashable Shopping, Working From Home, Shopping Uk, and Uk Deals

Zoom improves security with automatic password protection and waiting rooms

Zoom improves security with automatic password protection and waiting rooms

After facing heavy criticism for the way it handles privacy and security, the video conferencing service Zoom is making a few very necessary updates. 

Beginning April 5, all meetings going forward will have automatically enabled password protection and waiting rooms. The password protection makes it so you need a password to enter a meeting even if you already have the meeting ID, although those who enter a meeting via a link will not need to enter the password. The waiting room allows the hosts to selectively admit people who are waiting to enter a meeting, so if they see a name they don’t recognize, they can choose not to let them have access. Read more…

More about Privacy, Zoom, Passwords, Tech, and Cybersecurity

Hackers are getting really good at hacking Ring cameras and the results are terrifying

Hackers are getting really good at hacking Ring cameras and the results are terrifying

In case you needed another reminder of the potentially terrifying downside of having a Wi-Fi-connected security camera in your home, consider this: it’s surprisingly easy for hackers to gain access to them.

Hackers have created software that essentially streamlines the process, and are selling and sharing it on internet forums, Motherboard reported. The exploit is possible not because of any one vulnerability in Ring’s software, but rather how it takes advantage of insecure passwords in order to get into the accounts in question. 

This is much more than a theoretical vulnerability. There have been reports all around the country of people encountering strangers on the other end of their in-home security camera.  Read more…

More about Tech, Amazon, Cybersecurity, Ring, and Tech

Hackers are getting really good at hacking Ring cameras and the results are terrifying

Hackers are getting really good at hacking Ring cameras and the results are terrifying

In case you needed another reminder of the potentially terrifying downside of having a Wi-Fi-connected security camera in your home, consider this: it’s surprisingly easy for hackers to gain access to them.

Hackers have created software that essentially streamlines the process, and are selling and sharing it on internet forums, Motherboard reported. The exploit is possible not because of any one vulnerability in Ring’s software, but rather how it takes advantage of insecure passwords in order to get into the accounts in question. 

This is much more than a theoretical vulnerability. There have been reports all around the country of people encountering strangers on the other end of their in-home security camera.  Read more…

More about Tech, Amazon, Cybersecurity, Ring, and Tech

Cybersecurity expert Alex Stamos on Facebook’s counter terrorism team and the private-public divide

Alex Stamos rose to fame as the former chief security officer for Yahoo and then Facebook. But today he’s the director of Stanford’s Internet Observatory, where he’s immersed in teaching and research safe tech — and understands better than most the threats that the U.S. is facing, particularly as we sail toward the next U.S. presidential election.

Last night, at a StrictlyVC event in San Francisco, he talked with New York Times cybersecurity correspondent Sheera Frenkel about a small number of these massively impactful issues, first by revisiting what happened during the 2016 president election, then catching up the audience on whether the country’s defenses have evolved since. (The short version: they haven’t. If there’s any good news at all, it’s that the federal and state governments are at least aware now there’s an issue, whereas they appeared largely blindsided by it the last time around.)

What worries Stamos most are “direct attacks on our election infrastructure” because there’s been so little to bolster it. In fact, a big theme of the interview was the growing inability of the public sector to protect Americans or U.S. democracy against actors who would do the country harm.

As it relates to election infrastructure specifically, Stamos used a hyperlocal example to underscore what the U.S. is dealing with right now. As he told Frenkel, “I live in San Mateo County. I’ve met the CIO of San Mateo County. Really nice guy. I’m sure he has a staff of very hard-working people. The idea that the CIO of San Mateo County has to stand up and protect himself against the [Russian military intelligence agency known as the] GRU or China’s Ministry of State Security or Iran’s Islamic Revolutionary Guard Corps or the Lazarus Group of North Korea . . . that’s frickin’ ridiculous. Like, we don’t ask the San Mateo County Sherriff’s department to get ready to repel an invasion by the People’s Liberation Army, but we ask for the cyber equivalent in the United States.”

Put into perspective, San Mateo County is one of about about 10,000 local governments in the United States that are involved in elections, said Stamos. “Nobody else in the world runs their elections this way.”

In fact, in nearly every conceivable way, “responsibilities that were once clearly public sector responsibilities are now private sector responsibilities,” he told Frenkel during a later part of their discussion. He would know, having seen it first-hand.

“When I was the chief security officer at Facebook,” he told the audience, “I had a child safety team. We probably put more bad guys away than almost any law enforcement agency outside of the FBI or [Homeland Security Investigations unit] in the child safety realm. Like, there’s no local police department in the United States that put away more child predators than the Facebook child safety team. That is a crazy stat.

Facebook also has a counter terrorism team — which not everyone realizes — and which has become in many ways the country’s first responder, he suggested. Indeed, Stamos said that “there are several terrorist attacks that you’ve never heard of because they didn’t happen because we caught them. Now, there’s some local law enforcement agency took credit for it, but it was actually our team that found it and turned it over to them with a bow on it.”

Americans might shrug off this continuing shift in who is tackling what, but they do it at their peril, suggested Stamos — who managed to keep the crowd laughing, even as he painted a bleak picture. As he noted, the big tech “companies are exercising this power without any kind of democratic oversight.” Consider, he said, that “[Facebook’s] authorization is the terms of service that people click through and never read when they join Facebook or Instagram. That’s a bizarre set of rules to be bound by when you have such incredible power.”

Another huge blind spot, said Stamos, is the apparently inability — as well as the collective lack of determination required — of the public and the increasingly powerful private sector to coordinate their work.  Here, he offered another broad example to make it accessible. “Say you had an organized group in the United States that’s running a bunch of Facebook ads, but their money is coming from bitcoin from St. Petersburg,” said Stamos. “That is completely invisible to Facebook. That is perhaps visible to FBI . . .but they don’t have access to that actual content [on FB]. And figuring out a way for these two groups to work with each other without massively violating the privacy of everybody on the platform turns out to be super hard.”

Yet it’s worse than even that sounds, he continued. The reason: there’s no decision-tree in part because the issue has grown so unmanageable that no one wants to own what goes awry. “There’s effectively nobody in charge of this right now, which is one of the scariest things we’re facing as a country. Almost nobody is in defense of cyber, and certainly nobody is in charge of the big picture, [meaning] how do we defend against election [interference] both from a cybersecurity perspective and a disinformation perspective.”

Stamos even jokingly referred to “pockets of people in the U.S. government who are effectively hiding from the White House and trying very, very hard” to escape its attention, given the daunting job they’d be tasked with figuring out. Except, all kidding aside, with no one at the helm and “no real cross-agency process, there’s really nobody in charge,” said Stamos.

That means the “tech companies are effectively the coordinating body for this. And that’s actually really screwed up.”

Despite embracing the government, DEF CON maintains its mischievous hacker roots

TwitterFacebook

Raucous applause filled the the large convention room inside Las Vegas’s Paris casino: the government had arrived.

Seated behind a table at the annual DEF CON conference in Las Vegas was Congressman Ted Lieu, and, joined by Rep. James Langevin of Rhode Island, he had come to ask a large crowd of hackers and security professionals for help. The once famously Fed-averse crowd was loving it

But don’t get it twisted — DEF CON hadn’t gone soft. The mischievous and lawless side of this assemblage of the hacker community was out in full effect – assuming, that is, you knew where to look.  Read more…

Inviting the Man to your party

More about Hackers, Def Con, Tech, and Cybersecurity

He tried to prank the DMV. Then his vanity license plate backfired big time.

TwitterFacebook

Everyone hates parking tickets. Not everyone, however, is an information security researcher with a mischievous side and a freshly minted vanity license plate reading “NULL.”

That would be Droogie (his handle, if that’s not obvious), a presenter at this year’s DEF CON hacking conference in Las Vegas and man with a very specific problem: He’s on the receiving end of thousands of dollars worth of tickets that aren’t his. But don’t tell that to the DMV.

It wasn’t, of course, supposed to end up this way. In fact, exactly the opposite. Droogie registered a vanity California license plate consisting solely of the word “NULL” — which in programming is a term for a value of zero — for fun. And, he admitted to laughs, on the off chance it would confuse automatic license plate readers and the DMV’s ticketing system.  Read more…

More about Hackers, Def Con, Dmv, Tech, and Cybersecurity

Teenager finds educational software exposed millions of student records

TwitterFacebook

Teenager Bill Demirkapi had been ghosted. Hard. “It didn’t feel good,” he explained to the large crowd gathered to hear him speak. “It hurt my feelings.” 

But Demirkapi, despite his status as a recent high-school graduate, wasn’t lamenting the traditional spurned-love problems typical of his cohort. Far from it. Instead, he was speaking at the famous DEF CON hacker conference in Las Vegas, and the ghoster-in-question was educational software maker Blackboard. 

Demirkapi had reported numerous vulnerabilities in Blackboard’s software to the company; after initially being in communication with him, the company stopped responding to his emails. But Demirkapi, who found he could access a host of student data — including family military status, weighted GPAs, and special education status — through vulnerabilities in Blackboard’s system, was undeterred.  Read more…

More about Hacking, Students, Def Con, Tech, and Cybersecurity

Turns out your office printer is a huge cybersecurity risk

TwitterFacebook

Consider the office printer.

Massive, hulking things — the devices looming in the corner of workplaces around the world have come to represent untold hours of frustration in the form of printer jams and toner problems. According to security researchers set to present their findings this Saturday at the DEF CON hacking convention in Las Vegas, they also happen to be a cybersecurity nightmare. 

Daniel Romero Pérez and Mario Rivas Vivar, researchers at NCC Group, announced the discovery of major vulnerabilities on Thursday in name-brand printers made by the likes of Xerox, HP, Lexmark, Kyocera, Brother, and Ricoh. NCC Group shared some of the researchers’ findings with Mashable ahead of the aforementioned Aug. 10 talk, and they’re enough to elicit serious double take.   Read more…

More about Hackers, Printers, Def Con, Tech, and Cybersecurity

Turns out your office printer is a huge cybersecurity risk

TwitterFacebook

Consider the office printer.

Massive, hulking things — the devices looming in the corner of workplaces around the world have come to represent untold hours of frustration in the form of printer jams and toner problems. According to security researchers set to present their findings this Saturday at the DEF CON hacking convention in Las Vegas, they also happen to be a cybersecurity nightmare. 

Daniel Romero Pérez and Mario Rivas Vivar, researchers at NCC Group, announced the discovery of major vulnerabilities on Thursday in name-brand printers made by the likes of Xerox, HP, Lexmark, Kyocera, Brother, and Ricoh. NCC Group shared some of the researchers’ findings with Mashable ahead of the aforementioned Aug. 10 talk, and they’re enough to elicit serious double take.   Read more…

More about Hackers, Printers, Def Con, Tech, and Cybersecurity

Cloudflare announces termination of 8chan’s service

TwitterFacebook

Cloudflare has announced that it will terminate its protection of 8chan after the forum site was linked to another mass shooting over the weekend, tying the site’s “lawlessness” directly to “multiple tragic deaths.”

Pressure had mounted on the company to cease its service to 8chan, arguing that it enabled the spread of violent white supremacist rhetoric and the celebration of perpetrators of massacres. Manifestos or open letters by shooters including those responsible for the Christchurch, Poway, and El Paso shootings, all of which occurred in 2019, have been hosted on the mostly-unmoderated forums. Read more…

More about White Supremacy, 8chan, Cloudflare, Tech, and Cybersecurity

100 million Americans’ data accessed in massive Capitol One hack

TwitterFacebook

Well, this is not good. 

Finance services giant Capital One announced Monday that there had been a major cybersecurity incident directly affecting 100 million Americans and six million Canadians. Specifically, a host of their customers’ private financial data had been accessed by a hacker. 

According to a statement issued by the company, two separates breaches occurred — once on March 22 and another on March 23 — and were discovered on July 19. 

Bloomberg reports that a Seattle woman has been arrested and accused of hacking Capital One’s server at an unnamed cloud-computing company.

Notably, it seems that although the customer data in question was encrypted, the hacker was able to decrypt it.  Read more…

More about Capital One, Data Breach, Tech, and Cybersecurity

Popular Mac apps caught harvesting users’ browsing data without consent

TwitterFacebook

A number of applications on Apple’s Mac App Store are secretly gathering user data and uploading it to analytics servers.

Popular applications including Dr. Unarchiver, Dr. Cleaner, and others distributed by developer “Trend Micro, Inc.” collect and upload the user’s browser history from Safari, Google Chrome, and Firefox onto their servers via access to the macOS home directory.

These rogue apps will also collect data from other apps installed on the system, all of which is gathered the moment you launch them, according to 9to5Mac. The issue was originally spotted by a user on the Malwarebytes forum. Read more…

More about Cybersecurity, Mac Apps, Tech, and Cybersecurity

Hacker convention in Vegas is full of tin-foil hats. Literally.

TwitterFacebook

What if they really are out to get you. 

If you spend enough time walking the Las Vegas casino floors, you’re sure to come across some unique sights. But scores of people sporting all shapes and sizes of literal tin-foil hats? Welcome to DEF CON.

The annual hacker convention currently underway in the Nevada desert draws a diverse crowd of professional and hobbyist security researchers from around the world. And, for the most part, they all share one defining characteristic: the desire to stick it to The Man. 

Which, well, that specific proclivity just might end up making you a target. Read more…

More about Hackers, Def Con, Tech, and Cybersecurity

These stoner hackers want machine learning to save us from sick weed

TwitterFacebook

Nothing harshes a good mellow like sick buds. Thankfully, there may one day be an app for that. 

Hidden from the hazy Friday afternoon of Las Vegas, tucked away in the basement of the Flamingo casino, a group of likeminded hackers and security researchers gathered to explore “DIY cannabis tech” at DEF CON’s Cannabis Village. One researcher in particular, Harry Moreno, told the rather laid-back crowd that he believed that machine learning could one day solve a huge problem for home-grow enthusiasts: determining whether or not, and in what capacity, a marijuana plant is sick.

More about Marijuana, Machine Learning, Def Con, Tech, and Cybersecurity

Box that unlocks iPhones is the hottest new gadget for police

TwitterFacebook

Law enforcement agencies — despite protests from privacy advocates — have long lobbied to get access to your smartphone.

Now a mysterious U.S. startup called Grayshift — which reportedly has an ex-Apple security engineer on staff — is providing iPhone unlocking tools to cops, according to Motherboard.

GrayKey is a box that measures four by four inches wide, and features two Lightning cables at the front, as per a post by security software company Malwarebytes. 

According to Forbes, Grayshift claims the device only works with iOS 10 and 11, with iOS 9 compatibility slated for the future. Devices ranging from the iPhone X to the 6 are supported, as are various iPad models. Read more…

More about Apple, Iphone, Cybersecurity, Fbi, and Law Enforcement

Crunch Report | HBO NOW Passes 2 Million Subscribers

HBO NOW passes 2 million subscribers, Trident Capital Cybersecurity raises a $300 million fund, Pinterest adds new visual search features and Y Combinator now takes recommendations from anyone. All this on Crunch Report! Read More

Powered by WPeMatico

Google’s bug bounty program pays out $3 million, mostly for Android and Chrome exploits

security globe If you’re willing to hunt for flaws within its vast array of software and services, Google’s happy to pay up. Over the course of its 2016 Vulnerability Rewards Program, the company paid out $3 million—a third of the total $9 million that enthusiastic researchers have earned since the initiative, more colloquially known as a bug bounty program, launched in 2010. The… Read More

Powered by WPeMatico

Trump to sign yet another trash executive order, this time on 'the cyber'

‘President’ Donald Trump is expected to sign an executive order addressing cybersecurity today, Reuters reports in an item that cites “two sources familiar with the situation.” The EO is expected to be Trump’s first action to address what he called a top priority of his administration during the Presidential campaign.

(more…)

Powered by WPeMatico

What your security scientists can learn from your data scientists to improve cybersecurity

Double Exposure Of Computer Language And Man Wearing Sunglasses Security remains one of the top unresolved challenges for businesses. Billions of dollars have been spent on security technology over the last 30 years, yet hackers seem to be more successful than ever. Every organization is now under extreme threat, all the time. Here are some lessons that data scientists have learned and to which security professionals need to pay attention. Read More

Powered by WPeMatico

Secret Double Octopus nabs $6M for a stronger, easier alternative to regular 2FA

8093376393_713fb93477_k Israel is home to around 450 active startups in the field of cybersecurity, according to a recent report in Reuters. Now, the one with perhaps the most distinctive name of them all is announcing some funding for a novel approach to authentication. Secret Double Octopus — which borrows a concept from the world of nuclear launch codes to build extra-secure, but simple, keyless… Read More

Powered by WPeMatico

Recommendations on cyber security for the 45th president… Use more hackers

New York City - USA - April 27 2016: Republican presidential candidate Donald Trump gestures while speaking to press after his five-state super Tuesday win 2016 was an extraordinary year. A record number of security breaches affected billions of people worldwide, including cyber attacks that dramatically impacted the course of businesses and governments. The Unites States, the world’s most connected nation, and the rest of the world will face a deficit of 1.5 million cyber professionals over the next  five years whose jobs are essential… Read More

Powered by WPeMatico