Security

5

A few years ago, Facebook acquired a VPN app from security software company called Onavo. The app, Onavo Protect, has been sitting there, not doing a whole lot. But now Facebook is on a more concerted push to make Onavo part of your Facebook experience.

If you launch the Facebook app on your smartphone, pop into the settings and scroll down the "Explore "section (you might need to tap on a "Show more" option) you'll find a link to something called Protect. This leads you to an App Store link for Onavo Protect. But it's not just about protecting your data.

Predicting the future is near impossible -- but that doesn‘t stop us all from having a red hot go. Human beings have been predicting the future since the beginning of history and the results range from the hilarious to the downright uncanny.

One thing all future predictions have in common: they‘re rooted in our current understanding of how the world works. It‘s difficult to escape that mindset. We have no idea how technology will evolve, so our ideas are connected to the technology of today.

0

Machine learning is changing the way systems are being designed and how we process information. That's true in security as well. But can a ML-based approach protect us when dealing with attack vectors and exploits that haven't been seen before? I spoke with Cylance's VP for engineering, Milind Karnik.

2

A significant software re-write will be needed to fix a bug with Skype for Windows. Vulnerability in the application's update feature means a malicious actor can gain access to the computer's system account and grant themselves privileges to do whatever they like. The vulnerability is fixable but will require a significant rewrite with an indication that Microsoft will need to issue a new version of Skype rather than a patch.

Shared from Gizmodo

0

A feature that identifies who screenshots your public posts is not a bad feature, unless you learn about it the hard way - trying to creep surreptitiously. And it appears that Instagram is now quietly testing such a feature within Instagram Stories, the Snapchat-like service that lets users create a sequence of photos and videos that disappear after 24 hours.

0

Microsoft's Advanced Threat protection is part of Windows 10. And while the company would love for everyone to keep up and run the latest version of their operating system, there are still plenty of people running older versions of Windows. In order to protect them, Microsoft will be extending availability of Advanced Threat Protection to Windows 7 and Windows 8.1.

0

The opening ceremony for the Pyeongchang 2018 Winter Olympics was hit by a significant cyberattack that saw ticket holders unable to print tickets out from the Games' website and internet access shut down during the opening. While the organising committee says they have taken all steps to remedy the attack, they refuse to tell anyone about the source or any further details on what happened.

0

The United States Senate has been looking into last year’s breach at credit rating agency Equifax. They’ve sent a letter to Equifax’s interim CEO, Paulino de Rego Barros Jr, saying the company provided the Congress with misleading, incomplete or contradictory information. Among the Senate’s accusation are the allegation that the scope of the breach was understated, the breach was the result of a series of failures and that the aftermath was botched.

2

Lots of interesting software is uploaded to GitHub but iBoot - a key component of iOS - has been made publicly available in a significant data leak. iBoot is the software that ensures a trusted version of iOS is loaded. It's basically iOS' BIOS and ensures that the operating system that is loaded is the signed version Apple has distributed.

It's the kind of thing threat actors and intelligence agencies would love to get their hands on.

0

The disclosure of the Meltdown and Spectre computer vulnerabilities on January 2, 2018 was in many ways unprecedented. It shocked – and scared – even the experts. The vulnerabilities bypass traditional security measures in the computer and affect billions of devices, from mobile phones to massive cloud servers.

We have, unfortunately, grown used to attacks on computer systems that exploit the inevitable flaws resulting from vast conceptual complexity. Our computer systems are the most complex artefacts humans have ever built, and the growth of complexity has far outstripped our ability to manage it.

3

New legislation has been introduced to the parliament that will make it easier for state, territory and federal departments to share facial recognition data in near real-time. Five separate facial recognition services will work together so that processes that used to take days can be completed in a time that allows law enforcement and other agencies to identify people more readily.

4

Public WiFi is one of those things that can be really handy. But it can be fraught with danger as bad guys either set up spoof access points or poor security means anyone can eavesdrop on your traffic and listen in on the data you transmit and receive. One security company decided to go on a war-driving journey, on their bikes, to track down the safest public WiFi in all the land.

0

Researchers at malware and security software testing company AV-TEST have discovered 139 samples of malware that "appear to be related to recently reported CPU vulnerabilities." Although most of the samples they discovered seem to be based on proof-of-concept software created by security researchers the number of unique samples is on the rise.

0

The Federal government is going to spin revelations of the leaked Cabinet papers in lots of ways. But the entire matter comes down to a simple fact. Information security might be backed by technology in many cases. But all the best tech in the world isn't worth a pinch of salt if humans cock things up.

This leak, which will cause great embarrassment in government and opposition ranks, is the fault of people who simply didn't do their jobs.

0

This week, it was reported that fitness app Strava had published data that allowed ordinary citizens to determine the locations of secret military installations around the world. Strava publishes heatmaps showing the most popular running and cycling routes used by professional and amateur athletes who use their platform. A uni student looked at the heat maps in several conflict zones and was able to ascertain the locations of military bases from his observations. But the blame isn't with Strava - the personnel involved are the problem.

7

Have you ever walked up to an ATM and wished it would spew out thousands of dollars instead of you panicking if a $20 withdrawal will be rejected? It turns out that with some malware and custom hardware, it's possible to turn an ATM into a poker machine that pays out every time. These attacks are widespread in Asia and Europe but they have hit the US, with the technology now becoming increasingly accessible.