-
Sounding the Alarm on Emergency Alert System Flaws
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop…
-
Xiaomi Smartphone Vulnerabilities Could Lead to Forged Payments
The devices were powered by MediaTek chips and susceptible to two kinds of attacks
-
Twitter Exposes Personal Information for 5.4 Million Accounts
Twitter accidentally exposed the personal information—including phone numbers and email addresses—for 5.4 million accounts. And someone was trying to sell this information. In January 2022, we received a report through our bug bounty program of a vulnerability in Twitter’s systems. As a result of the vulnerability, if someone submitted an email address or…
-
SolidBit Ransomware Group Recruiting New Affiliates on Dark Web
20% of the earned profit from the distribution of the ransomware will be paid to the affiliates
-
Cybersecurity Snapshot: 6 Things that Matter Right Now
Topics that are top of mind for the week ending Aug. 12 (Black Hat Special Edition) | The Black Hat USA conference returned to Las Vegas this week to celebrate its 25th anniversary, as thousands of security pros gathered in the desert to get wiser about critical challenges, including cloud security, software supply…
-
#BHUSA: Failure to Challenge is a Social Engineering Risk
The UK Ministry of Defence is actively training staff to confront individuals that are engaged in risky behaviours
-
#BHUSA: Bug Bounty Botox – Why You Need a Security Process First
Katie Moussouris explains why simply having a bug bounty program isn’t enough to fix security problems
-
A Taxonomy of Access Control
My personal definition of a brilliant idea is one that is immediately obvious once it’s explained, but no one has thought of it before. I can’t believe that no one has described this taxonomy of access control before Eyal Ittay laid it out in this paper. The paper is about cryptocurrency wallet design,…
-
#BHUSA: What has Changed in the Post-Stuxnet Era?
Investigative journalist Kim Zetter explains that Stuxnet continues to serve as a precedent for attacks happening now
-
Ransomware attack blamed for closure of all 7-Eleven stores in Denmark
Ransomware is to blame for the closure of all 175 7-Eleven stores in Denmark on Monday. The retailer closed all of its stores in Denmark after its cash registers and payment systems were brought down in the attack. Read more in my article on the Tripwire State of Security blog.