If someone wants to steal your phone number — say, to intercept the two-factor authentication SMSes needed to break into your bank account or other vital service — they hijack your SIM by impersonating you to your phone company (or by bribing someone at the company to reassign your phone number to them), and this has made the security of phone numbers into a top concern for security experts and telecoms companies, as there are millions of dollars at stake.
Use a single password for every website, and you're compromising your security. Use a different one each time, and you're bound to lose track of them. The solution? RoboForm Everywhere, a catch-all tool that will not only manage the passwords on every site you visit but generate better ones.
"After Gerry’s death, Quadriga’s inventory of cryptocurrency has become unavailable and some of it may be lost," said his widow.
Sukhe's plan for an "adminbook" is an audacious, well-developed plan for a laptop tailored to the needs of network administrators: small, intended for use in dark, cramped places, convertible into an external drive or display for headless systems or those needing their ROMs flashed, multilingual, with many options for I/O and power.
In a federal court filing making the rounds on Thursday, the office of special counsel Robert Mueller says the evidence seized from Roger Stone's residences is "voluminous and complex," and includes computer storage devices that contain "terabytes" of data representing decades of communication records from Stone's numerous mobile devices and online accounts.
In late 2017, the Norwegian Consumer Council published its audit of kids' smart-watches, reporting that the leading brands allowed strangers to follow your kids around and listen in on their conversations; a year later, Pen Test Partners followed up to see if anything had changed (it hadn't).
Former NSA spies have been working for the government of the United Arab Emirates as hacker mercenaries, helping the UAE attack journalists, dissidents, and human rights activists. This is a great read, and a shocking story from Reuters.
The Department of Homeland Security on Tuesday issued an "emergency" security alert urging federal civilian agencies to secure login credentials for their respective internet domain records.
A dump called "Collection #1" has been released by parties unknown, containing email addresses and cracked passwords: in its raw form, it contains 2.7 billion records, which Troy "Have I Been Pwned" Hunt (previously) de-duplicated to come up with 773 million unique records — of those, 140,000,000 email addresses and 10,000,000 passwords have never been seen in the HaveIBeenPwned database before.
EU privacy rules force European companies to surrender data they hold on anyone, anywhere; and that includes SCL Elections, which owned Cambridge Analytica, the notorious Facebook data-miner and election-manipulator that extravagantly claimed to have won the election for Donald Trump.
When top German officials had their emails and social media hacked and dumped, people wondered whether the attack was some kind of well-financed act of political extremism, given that the targets were so high-profile (even Chancellor Angela Merkel wasn't spared) and that politicians from the neofascist Alternative for Germany were passed over by the hacker.
Hackers have published a big dump of private data related to German Chancellor Angela Merkel and hundreds of the country's other politicians, in what is said to be the biggest data dump of its kind ever in Germany.
A coalition of shipping industry associations has published The Guidelines on Cyber Security Onboard Ships, laying out best practices for the giant ships that ply the seas, and revealing that these behemoths are routinely infected with worms, ransomware, and malware spread by infected USB devices.
Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer's operating environment.
Predpol (previously) is a "predictive policing" company that sells police forces predictive analytics tools that take in police data about crimes and arrests and spit out guesses about where the police should go to find future crimes.
A year ago, Chinese white-label CCTV/DVR vendor Xiongmai announced a recall and security update for its devices, whose weak security meant that they had been conscripted into a massive, unstoppable botnet.
Well this is fun: The United States Government Accountability Office released a report today that explains, in no uncertain terms, that the majority of the nation's new-fangled, high-tech weapons systems are hilariously vulnerable to cyber attacks.
From the Washington Post:
The report by the Government Accountability Office concluded that many of the weapons, or the systems that control them, could be neutralized within hours.
Firefox Monitor is a new service from Mozilla that draws on data from Have I Been Pwned? (previously) to keep you informed when your data is breached and shows up online. The service also includes important advice, including "Treat security questions like extra passwords" by creating "long, random answers."
When Vancouver tech retailer NCIX went bankrupt, it stopped paying its bills, including the bills for the storage where its servers were being kept; that led to the servers being auctioned off without being wiped first, containing sensitive data — addresses, phone numbers, credit card numbers, passwords, etc — for thousands of customers.
I decided to enter my first USA Memory Championship only a few months after I'd first learned it existed. This was two years before it entered the wider public consciousness after its portrayal in Joshua Foer's bestselling book Moonwalking with Einstein.