A security researcher warned Asus two months ago that employees were improperly publishing passwords in their GitHub repositories that could be used to access the company’s corporate network. One password, found in an employee repo on the code sharing, allowed the researcher to access an email account used by internal developers and engineers to share […]
View More Asus was warned of hacking risks months ago, thanks to leaky passwordsCategory: cryptography
Facebook admits it stored ‘hundreds of millions’ of account passwords in plaintext
Flip the “days since last Facebook security incident” back to zero. Facebook confirmed Thursday in a blog post, prompted by a report by cybersecurity reporter Brian Krebs, that it stored “hundreds of millions” of account passwords in plaintext for years. The discovery was made in January, said Facebook’s Pedro Canahuati, as part of a routine […]
View More Facebook admits it stored ‘hundreds of millions’ of account passwords in plaintextUK’s Police Federation hit by ransomware
The U.K.’s Police Federation has confirmed it’s been hit by a cyberattack. The union-like organization, representing 119,000 police officers across the 43 forces in England and Wales, described the event as ransomware in a statement shared on Twitter. The ransomware attack hit computers at the federation’s Surrey headquarters on March 9, but was only revealed […]
View More UK’s Police Federation hit by ransomwareLaw enforcement needs to protect citizens and their data
Robert Anderson Contributor Robert Anderson served for 21 years in the FBI, retiring as executive assistant director of the Criminal, Cyber, Response and Services Branch. He is currently an advisor at The Chertoff Group and the chief executive of Cyber Defense Labs. Over the past several years, the law enforcement community has grown increasingly concerned […]
View More Law enforcement needs to protect citizens and their dataDonated devices are doxing your data, says new research
In the space of six months, one security researcher found thousands of files from dozens of computers, phones and flash drives — most of which contained personal information. All the researcher did was scour the second-hand stores for donated and refurbished tech. New research published by security firm Rapid7 revealed how problematic discarded technology can […]
View More Donated devices are doxing your data, says new researchThe responsibility for a sustainable digital future
Mounir Mahjoubi Contributor Share on Twitter Mounir Mahjoubi is the French Secretary of State for Digital Affairs. On March 12, 2019, we celebrate the 30th anniversary of the “World Wide Web”, Tim Berners-Lee’s ground-breaking invention. In just thirty years, this flagship application of the Internet has forever changed our lives, our habits, our way of […]
View More The responsibility for a sustainable digital futureHomeland Security hasn’t done enough to protect election infrastructure, says watchdog
Homeland Security could do more to protect election infrastructure ahead, according to a new report by the department’s watchdog. The report from the inspector general, out Wednesday, said progress had been made but Homeland Security, the department charged with protecting elections and the back-end voting machine infrastructure, still “does not have dedicated staff” focused on […]
View More Homeland Security hasn’t done enough to protect election infrastructure, says watchdogCloudflare expands its government warrant canaries
When the government comes for your data, tech companies can’t always tell you. But thanks to a legal loophole, companies can say if they haven’t had a visit yet That’s opened up an interesting clause that allows companies to silently warn customers when the government turns up to secretly raid its stash of customer data […]
View More Cloudflare expands its government warrant canariesICANN warns of “ongoing and significant” attacks against internet’s DNS infrastructure
The internet’s address book keeper has warned of an “ongoing and significant risk” to key parts of the domain name system infrastructure, following months of increased attacks. The Internet Corporation for Assigned Names and Numbers, or ICANN, issued the notice late Friday, saying DNS, which converts numerical internet addresses to domain names, has been the victim […]
View More ICANN warns of “ongoing and significant” attacks against internet’s DNS infrastructureWhat business leaders can learn from Jeff Bezos’ leaked texts
Joel Wallenstrom Contributor Joel Wallenstrom is president and chief executive of Wickr, a secure communications company. Before Wickr, Joel co-founded iSEC Partners, one of the world’s leading information security research teams, later acquired by NCC Group, and served as Director for Strategic Alliances at @stake, one of the very first computer security companies in the […]
View More What business leaders can learn from Jeff Bezos’ leaked textsGoogle makes it easier for cheap phones and smart devices to encrypt your data
Encryption is an important part of the whole securing-your-data package, but it’s easy to underestimate the amount of complexity it adds to any service or device. One part of that is the amount of processing encryption takes — an amount that could be impractical on small or low-end devices. Google wants to change that with a highly efficient new method called Adiantum.
View More Google makes it easier for cheap phones and smart devices to encrypt your dataAs threats proliferate, so do new tools for protecting medical devices and hospitals
Six months after an episode of “Homeland” showed hackers exploiting security vulnerabilities in the (fictional) Vice President’s pacemaker, Mike Kijewski, the founder of a new startup security company called Medcrypt, was approached by his (then) employers at Varian Medical Systems with a unique problem. “A hospital came to the company and said we are treating […]
View More As threats proliferate, so do new tools for protecting medical devices and hospitals