Medical implants and hospital systems are still infosec dumpster-fires

Medical devices have long been the locus of information security's scariest failures: from the testing and life-support equipment in hospitals to the implants that go in your body: these systems are often designed to harvest titanic amounts of data about you, data you're not allowed to see that's processed by code you're not allowed to audit, with potential felony prosecutions for security researchers who report defects in these systems (only partially mitigated by a limited exemption that expires next year). What's more, it can get much worse. Read the rest

Most Chipotle restaurants were hacked by credit-card stealing malware

Did you think you got away clean when you ate at Chipotle without dying of listeria? Not so fast! Read the rest

UK Tories say they'll exploit Manchester's dead to ban working crypto in the UK

One of UK Prime Minister Theresa May's government ministers told a reporter from The Sun that the government is planning on invoking the "Technical Capabilities Orders" section of the Snoopers Charter, a 2016 domestic spying bill; the "orders" allow the government to demand that companies cease using working cryptography in their products and services, substituting it with deliberately defective code that can be broken. Read the rest

TSA to require some electronics out of bags at 10 U.S. airports starting Memorial Day weekend

The TSA will be testing out expanded screening for carry-on electronics larger than a phone and certain food items at selected airports around the country. The new rules come just two days after a major terrorist attack in Manchester, UK, and stepped-up security in response.

The TSA says they're “testing security screening procedures for carry-on bags at 10 U.S. airports” only, and “There are no changes to nationwide procedures.”

Read the rest

1Password's new travel mode locks you out of your accounts while you're travelling and crossing borders

1Password has taken Maciej Cegłowski's demand for a "travel mode" for our technology to heart, introducing a new feature that locks you out of your own accounts when you're in situations where you might lose control of your devices or be compelled to log into your accounts without your consent.

Read the rest

An IoT botnet is trying to nuke Wcry's killswitch

Whoever created the Wcry ransomware worm -- which uses a leaked NSA cyberweapon to spread like wildfire -- included a killswitch: newly infected systems check to see if a non-existent domain is active, and if it is, they fall dormant, ceasing their relentless propagation. Read the rest

UK prison deploys active anti-drone countermeasures to fight contraband smuggling

A UK weapons company called Drone Defence has sold an anti-drone product to Les Nicolles prison on Guernsey that will use 20 nonspecific "disruptors" to do something to drones that will stop them from overflying the prison and smuggling in contraband. Read the rest

Oops! United flight attendant accidentally posted cockpit door codes

The Wall Street Journal reports that human error is still a factor in potential cockpit door breaches. Read the rest

New clues in WannaCry ransomware attack point to North Korea and Kim Jong Un

“The self-spreading ‘WannaCry’ internet worm, which ripped through 160,000 computers and crippled hospitals and other businesses, is now being linked to a North Korean cyber gang,” reports Kevin Poulsen at Daily Beast.

Read the rest

That time the TSA started screening all paper products separately

Akal Security Inc is the TSA contractor that screens passengers at Kansas City International Airport under a $108m/5 year contract; earlier this month they began abruptly scanning all paper products in carry on luggage, requiring passengers to pull out their books, papers, even post-it notes for secondary inspection. Read the rest

Yesterday's report of hardier Wcry retracted, but new versions found

Yesterday's report of a Wcry ransomware version that didn't have the killswitch that halted the worm's spread was retracted by Motherboard and Kaspersky Lab -- but today, France's Benkow computing document a new Wcry strain that has a different killswitch -- one that has already been registered, stopping the new strain. Read the rest

Retracted! Wcry ransomware is reborn without its killswitch, starts spreading anew

Motherboard has retracted this story: "Correction: This piece was based on the premise that a new piece of WannaCry ransomware spread in the same manner as the one that was responsible for widespread attacks on Friday, and that it did not contain a so-called kill switch. However, after the publication of this article one of the researchers making this claim, Costin Raiu, director of global research and analysis team at Kaspersky Lab, realized that was not the case. The ransomware samples without the kill switch did not proflierate in the same manner, and so did not pose the same threat to the public. Motherboard regrets the error."

Yesterday, the world got a temporary respite from the virulent Wcry ransomware worm, which used a leaked NSA cyberweapon to spread itself to computers all over the world, shutting down hospitals, financial institutions, power companies, business, and private individuals' computers, demanding $300 to reactivate them. Read the rest

Anti-DRM artists march on the World Wide Web Consortium today

Today, activists will gather in Cambridge, Mass to march to the offices of W3C Director Tim Berners-Lee to urge him to keep DRM out of the standards for the open web. Read the rest

The virulent ransomware worm has been stopped (for now) by a hidden killswitch

As the Wcry ransomware burned across the globe yesterday, spreading to more than 80 countries thanks to a bug in Windows that the NSA deliberately kept secret in order to weaponize it, it seemed unstoppable. Read the rest

Ransomware hackers have stolen hospitals and doctors' offices across the UK, using a leaked NSA cyberweapon

25 NHS trusts and multiple doctors' practices in England and Scotland (but so far, not Northern Ireland or Wales) report that they have had to effectively shut down due to a massive Wcry ransomware infection that has stolen whole swathes of the English healthcare system in one go. The infection appears to exploit a bug that the NSA discovered and deliberately kept secret, only to have it revealed by the Shadow Brokers. Read the rest

HP's stupid audio-driver logs every keystroke you make (and it has an API!)

The Swiss security research firm Modzero just published a report documenting a grave flaw in HP laptops: an audio-driver made by Conexant that captures every keystroke (to detect volume up/down and mute-button presses) and saves them to an unencrypted file on the local system, which can then be exfiltrated via a debugging API that allows remote parties to see every keystroke in realtime. Read the rest

Intel declared war on general purpose computing and lost, so now all our computers are broken

It's been a year since we warned that Intel's Management Engine -- a separate computer within your own computer, intended to verify and supervise the main system -- presented a terrifying, unauditable security risk that could lead to devastating, unstoppable attacks. Guess what happened next? Read the rest

More posts