Reports are emerging that the CCleaner outbreak targeted computers at some specific companies. Evidence procured from data on a command-and-control server shows that 20 of the 700,000 affected computers belonged to companies such as Samsung, Cisco, Sony and Microsoft.
According to reports, the Teresa May's government demanded WhatsApp give them access to encrypted messages. That request was flatly denied but it's a topic that may will raise at a meeting being held at the UN. I suspect this is the start of another campaign to undermine the rights of individual privacy by playing the "terrorist use encrypted messaging service card".
Why try to trick you into installing malware when you'll do it voluntarily? That was the tactic used by attackers who infiltrated Avast's servers and planted malicious software into CCleanup 5.33 recently. The malware was detected by Cisco Talos during some routine beta testing of their updated detection engine.
File-sharing websites are not exactly known for their sterling reputation, though a few such as famed torrent site the Pirate Bay have been around for long enough while generally avoiding shady behaviour they have acquired a certain cachet with the internet community.
The writing has been on the wall for FTP for years now and while it'll continue to serve an important role for the web behind the scenes, a browser isn't the best way to interact with the protocol. Debian will give it the punt in a couple of months and now Google will soon flag FTP sites as "not secure".
There are few feelings worse than having the sanctity of your home violated by thieves. It's not just the loss of valuable possessions, but that a stranger has completely violated your personal space. This is what happened to someone I know yesterday. But what might sound like a run-of-the-mill break-and-enter was far smarter and will have lasting implications for those involved.
If someone showed you a group photo containing your boyfriend or girlfriend, you could probably spot them without much trouble. But what if the photo was from ten years ago? Or what if their face was partially obscured? What if it contained thousands of people? That's when you might need artificial intelligence to help you out.
Chinese tech firm Yitu has perfected its facial recognition AI to such a degree that it can now identify faces faster than humans - even when they are intimately familiar with the face in question. Welcome to the next creepy stage of video surveillance.
By now, you'll have heard about the breach at Equifax, leading to the leaking for PII relating to about 143 million people in the US, Canada and the UK. While it's unlikely many Australians were directly affected, the nature of the breach highlights why mandatory data breach notification laws are important, that notification periods are critical and you need to ensure you're ready to communicate with anyone whose data your store.
Back in June, ProtonVPN announced that it was open for business. The service, developed by MIT and CERN, promises to route all traffic through privacy-friendly countries such as Iceland and Switzerland that aren't likely to hand data over to anyone else. On paper, it looked like a great option for those who looking for a secure VPN option, developed by reputable people. However, the service was so popular that it crashed. New users were put on a waiting list while the developers bolstered their infrastructure. That wait list has now been opened with the free service open to everyone.
Big fans of the cloud as we are, there's no doubt relying solely on keeping your stuff stored remotely is a risky strategy. Accounts get hacked. Companies fold. And if you don't have backups of your most precious Snapchats and Gmails, then they can disappear in a puff of data center smoke. Here's how to make sure you've got local copies of everything.
Famed author Terry Pratchett may have shuffled off this mortal coil a couple of years ago but he can still grab a headline. Last week, in keeping with his wishes, a hard drive containing his unfinished work was destroyed. But in true Pratchett fashion, rather than settling for the mundane and sterile world of using software to destroy the data, Pratchett's wish to have his hard drive run over by a steamroller was honoured. But was that the best way to destroy the data?
The United States Congress recently voted to repeal a set of regulations preventing Internet Service Providers (ISP) from selling your browsing info to third parties without your permission, setting an ominous tone for the future of net neutrality worldwide. That's why VPNs have surged in popularity as one of the last lines of defense for private browsing. While there are plenty of providers to choose from, few can match what Private Internet Access brings to the table.
Over the weekend, yet another list of potentially vulnerable IoT devices was made public. It was viewed by over 20,000 people before Pastebin removed the list of devices that responded to Telnet sessions that were secured either with default credentials such as admin/admin or not secured with any authentication at all. Which begs the question, why do some people continually shoot themselves in the foot when it comes to securing these devices?
Google has added a new firewall feature to their cloud offering. Currently in beta, the App Engine firewall, which is in beta, lets developers specify a set of rules, order them by priority and specify an IP address or a set of IP addresses. These are used to block or allow access to an application.
It stands to reason that Microsoft would be a big target for threat actors. Aside from the obvious hacker cred someone could gain from stealing source code or releasing corporate secrets, Azure hosts thousands of businesses and a compromise of that platform would be catastrophic for many companies. The most recently released Microsoft Security Intelligence Report points to an increasingly dangerous online world.
The Black Hat and DEFCON events bring together the black, white and grey hat communities to share information about what's really what when it comes to information security. Thycotic surveyed attendees at this year's Black Hat conference to find out what works and doesn't work when it comes to protecting data.
Security threats aren't all the same. Although there are some widespread security events like the recent WannaCry and NotPetya outbreaks, some industry verticals are hit in more in more targeted ways. Mike Brown is RSA's vice president and general manager for the public sector. I spoke with him at the recent RSA Conference in Singapore about the threat landscape for the public sector.