Both the Federal Senate Judiciary Committee and the Senate Intelligence Committee heard today from FBI Director James Comey, and from Deputy Attorney General Sally Quillian Yates, that they need a backdoor (or a “front door”, as Comey calls it) that allows them to decrypt encrypted email and messages in order to fight terrorism.
Hyatt Hotels, owners of among others the Hyatt Regency brand, has quietly announced that their Hyatt Gold Passport system has been hacked.
The Dyre Wolf phishing malware targets primarily businesses and organizations (rather than individuals). This is because it tricks the victim into giving up bank credentials, and then does a wire transfer. However it works by tricking individuals using social engineering, which is also how it gets around 2 factor authentication (2FA). Dyre Wolf is distinct from the dire wolf – Dyre Wolf is phishing malware, the dire wolf is an extinct member of the wolf family (and the direwolf is a mythical dire wolf featured in Game of Thrones).
It sounds like urban legend: “Hacker hacks video baby monitor web cam and screams at little girl.” But it’s true, and it happens more often than you think, primarily owing to people putting their baby monitors web cams online and never changing the default password.
With massive security data breaches happening more and more frequently, there is almost no way to avoid your own personal data being compromised. But what is the likelihood that your compromised data will actually be used for identity theft, fraud, or financial theft? Here’s how it breaks down.
Here is what is going on around the Sony hack tied to Sony’s ‘The Interview’ movie, and the The Interview threat from the Sony hackers. The Interview, with a Christmas release date, sees Seth Rogen and James Franco’s characters going to North Korea to interview North Korean leader Kim Jong Un, and convinced by the CIA to take the opportunity to kill Kim Jong Un. Ahead of its release, hackers hacked into Sony, grabbed all sorts of private employee and corporate data, including copies of the movie and other unreleased movies including Annie, Mr. Turner, Fury, and Still Alice, and then issued the following threat, including allusions to 9/11.
Early today the Senate declassified and made public the Senate Select Committee Study of the Central Intelligence Agency’s Detention and Interrogation Program (or, as some are calling it, the Bush Cheney CIA Torture Report). We know that many of you will be looking for the CIA torture methods report online, and so, we are giving it to you here.
Microsoft has released a critical update to patch a “privately reported” Microsoft Secure Channel (“Schannel”) vulnerability which affects all current versions of Windows and Windows Server. Says Microsoft, “This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows.”
Outlets such as the Daily Dot and Life Hacker are reporting the leaking of five million Gmail addresses and passwords on a Russian Bitcoin forum.
If you are anywhere on social media today (Facebook, Twitter, etc.), you may be wondering why suddenly everybody is talking about nude celebrity photos and nude selfies. This is because, apparently, there was a massive hacking of iCloud accounts – including those of celebrities who, apparently, had naked pictures of themselves stored on Apple’s iCloud servers.
4.5 million patient records at hospitals across the United States have been hacked, and their personal data stolen. Community Health System (also known as CHS and CHS.net) is a network of 206 hospitals across the U.S., operating under different names, in Alabama, Alaska, Arizona, Arkansas, California, Florida, Georgia, Illinois, Indiana, Kentucky, Louisiana, Mississippi, Missouri, New Jersey, New Mexico, Nevada, North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, and Wyoming.
A new report released by Internet security firm Symantec highlights the security risks of personal and wearable tracking devices such as the FitBit, and even self-tracking apps such as Runkeeper, Runtastic, and MapMyRun. In our efforts to track and quantify our every move (what Symantec calls the “Quantified Self” movement), we are generating an unbelievable amount of data, including location data, that can be used to profile us, track our location, and even to steal our identity.
That USB thumbdrive or flash drive that you have in your pocket may be a vector for all kinds of malware in the firmware, and once infected it cannot be fixed. In fact that’s true of any USB device, not just thumb drives. That’s the conclusion that Jakob Lell and Karsten Nohl, security researchers who have developed BadUSB, have reached.