Ever since the Ukrainian "Maidan" revolution, the country has been subjected to waves of punishing cyberwar attacks, targeting its power grids, finance ministry, TV networks, election officials, and other critical systems. Read the rest
Mozilla has extended and improved its Firefox Focus browser, heretofore an Ios product, bringing it to Android, with auto-blocking of trackers and ads and making it easy to erase your browser history. Read the rest
Chinese state media reports on a $28/RMB188 app that browses webcams whose default passwords haven't been changed, allowing subscribers to watch the goings-on in stores, living rooms, bedrooms, children's rooms, and anywhere a CCTV might be installed. Read the rest
Princeton computer scientist and former White House Deputy CTO Ed Felten (previously) writes about the security lessons of the 2016 election: first, that other nation-states are more aggressive than generally supposed, and second, that you don't need to hack the vote-totals to effect devastation on an adversary -- it's sufficient to undermine the election's legitimacy by messing with voter rolls, "so there is uncertainty about whether the correct people were allowed to vote." Read the rest
The NSO Group is an Israeli firm that describes itself as a "cyber warfare" company, dealing exclusively to governments, including the famously corrupt and dysfunctional government of Mexico. The NSO Group is presently for sale, with a $1 billion pricetag. Read the rest
Want to be really sure that your Internet of Things gadgets and laptops aren't being remotely controlled by malware? Read the rest
The news of attempts by Russian hackers to compromise US voting systems will forever throw into question the results of close US elections -- but that's not just because voting machines are security tire-fires, it's because they're security tire-fires whose vote-counts cannot be audited. Read the rest
Germany's interior ministry has announced sweeping new surveillance powers ahead of the coming national election, which would include the right to infect residents' computers with malware in order to spy on their encrypted communications (shades of the illegal Bundestrojaner program), ordering tech companies to deliberately introduce defects into their cryptography, and fingerprinting children as young as 6. Read the rest
Journalism After Snowden: The Future of the Free Press in the Surveillance State is a new essay collection from Columbia Journalism Review Books with contributions from Ed Snowden, Alan Rusbridger (former editor-in-chief of The Guardian); Jill Abramson (former New York Times executive editor; Glenn Greenwald, Steve Coll (Dean of Columbia Graduate School of Journalism), Clay Shirky, Cass Sunstein, and Julia Angwin. Read the rest
Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware's author and handing you the power-bill. Read the rest
Pity poor Turla, the advanced persistent threat hacking group closely associated with the Russian government who were outed yesterday for their extremely clever gimmick of using Britney Spears's Instagram account as a covert channel for controlling compromised computers in the field while protecting their "command and control" servers; today, Turla faces another devastating disclosure, a report that Turla exploited gaps in the security model of satellite TV and internet systems to make it possible for compromised computers to contact the C&C servers without revealing their locations. Read the rest
The independent, Congressionally mandated Health Care Industry Cybersecurity Task Force released its report last week, setting out their findings about the state of security in America's health technology (very, very, very bad) and their recommendations (basic commonsense cybersecurity 101). Read the rest
A key weakness in malicious software is the "Command and Control" (C&C) system: a central server that the malware-infected systems contact to receive updates and instructions, and to send stolen data. Anti-malware researchers like to reverse engineer malicious code, discover the C&C server's address, and then shut it down or blacklist it from corporate routers.
An anonymously leaked Top Secret NSA report on Russian state hackers interfering with the US elections has been published by The Intercept, which had the documents independently analyzed by a who's-who of America's leading security experts. Read the rest
The U.S. Supreme Court today agreed to hear an important digital privacy rights case that will determine if police have to get a warrant to access your cellphone location data, which is archived by wireless carriers.
Well, there's a second-decade-of-the-21st-century headline for you! Read the rest