Tagged With security

0

Machine learning is changing the way systems are being designed and how we process information. That's true in security as well. But can a ML-based approach protect us when dealing with attack vectors and exploits that haven't been seen before? I spoke with Cylance's VP for engineering, Milind Karnik.

0

Researchers at malware and security software testing company AV-TEST have discovered 139 samples of malware that "appear to be related to recently reported CPU vulnerabilities." Although most of the samples they discovered seem to be based on proof-of-concept software created by security researchers the number of unique samples is on the rise.

Predicting the future is near impossible -- but that doesn‘t stop us all from having a red hot go. Human beings have been predicting the future since the beginning of history and the results range from the hilarious to the downright uncanny.

One thing all future predictions have in common: they‘re rooted in our current understanding of how the world works. It‘s difficult to escape that mindset. We have no idea how technology will evolve, so our ideas are connected to the technology of today.

0

The Federal government is going to spin revelations of the leaked Cabinet papers in lots of ways. But the entire matter comes down to a simple fact. Information security might be backed by technology in many cases. But all the best tech in the world isn't worth a pinch of salt if humans cock things up.

This leak, which will cause great embarrassment in government and opposition ranks, is the fault of people who simply didn't do their jobs.

7

Have you ever walked up to an ATM and wished it would spew out thousands of dollars instead of you panicking if a $20 withdrawal will be rejected? It turns out that with some malware and custom hardware, it's possible to turn an ATM into a poker machine that pays out every time. These attacks are widespread in Asia and Europe but they have hit the US, with the technology now becoming increasingly accessible.

1

Israeli security firm Checkmarx has found that it's possible to reconstruct someone's Tinder session, including access to photos, by capturing traffic if you're connected to the same Wi-Fi network. The issue affects both the iOS and Android version of the app with a proof-of-concept app, dubbed TinderDrift, created to highlight how the flaw can be used.

12

A long, long time ago, having a good password was all you needed to make sure your Gmail (or other online) account was secure. Now, if you don't have two-factor authentication, or 2FA, then you're missing out on a really simple way to protect yourself. Why, then, do less than 10 per cent of Gmail users have 2FA enabled? Great question.

0

Viruses don't want to be removed, so the nastier ones will fight to stay put by disabling protection software, cloaking their presence and even generating fake windows and dialog boxes to give you a bum steer. Looks like malicious extensions are getting in on the action too, doing whatever they can to evade uninstallation.

0

After news broke that nearly every processor in your computers and mobile devices was vulnerable to attack thanks to two security flaws -- Meltdown and Spectre -- companies like Microsoft and Google have released patches to shore up the security of their respective operating systems and devices. Apple is now joining the party, releasing a statement about its affected devices and instructing its users to update their devices.

Shared from Gizmodo

2

There's small screwups and big screwups. Here is tremendously huge screwup: Virtually all Intel processors produced in the last decade have a major security hole that could allow "normal user programs - from database applications to JavaScript in web browsers - to discern to some extent the layout or contents of protected kernel memory areas," the Register reports.

0

No matter what your console is, you can add passcode, verification methods and two-factor authentication options and do it either through your web browser or on the console itself. Sorry, but you're out of excuses of why you haven't secured your account from people looking to steal your personal information.

0

That innocent-looking mobile game you just downloaded might just have an ulterior motive. Behind the scenes, hundreds of different apps could be using your smartphone's microphone to figure out what you watch on TV, a new report from The New York Times reveals. Here's what you need to know about these eavesdropping apps and what you can do to stop them.

4

Wi-Fi startup PoweredLocal is launching a national mesh Wi-Fi network that will merge its 2,100 Wi-Fi access points in venues and retailers across Australia. The aim is to address what the company says are some key pain points with existing public Wi-Fi offerings such as slow data speeds and excessive login screens. Do we need more free Wi-Fi? And it seems that there is a hidden cost with this free service.

1

A team from the University of Melbourne has been able to take de-identified data of 2.9 million Australians and put it back together to identify who the data pertains to. This has potentially placed the personal data on more than one in ten Aussies in public, with sport stars and other public figures likely to be targeted.

0

A vulnerability from last century, dubbed ROBOT (Return Of Bleichenbacher’s Oracle Threat) is back and potentially impacts a number of major websites including Facebook and Paypal. ROBOT affects the handling of RSA encryption keys as they are applied to the TLS protocol. If a website uses these keys, it is possible to launch a man-in-the-middle attack by sending dodgy queries to a website which result in the session key being revealed. This allows an attacker to decrypt traffic between the web server and the browser.