Infamous hacker group OurMine has struck video streaming service Vevo. The group breached Vevo late on Thursday, gaining access to, and leaking, more than 3 terabytes of internal videos and documents.
OurMine -- more recently involved in HBO hacks and Game of Thrones leaks -- managed to get hold of office documents, videos and promotional materials. While many of the files and documents are fairly innocuous, at least some of them would be considered "sensitive" in nature.
As of August 28, certain financial services companies based in New York now have to comply with the state’s new cybersecurity requirements, known by the (very long) acronym 23 NYCRR 500. On the line for affected banks and insurers are both penalties for non-compliance and potential business loss if they continue to expose their businesses to cyber threats.
The regulations took effect March 1, but included a three-month grace period for companies to get organized before needing to meet the first wave of mandates. Companies will have ongoing deadlines over the next two years as further layers of compliance continue to take effect. Notably, affected financial services companies will need to have an encryption strategy in place by September 2018.
An interesting side effect of the recent hurricanes Harvey and Irma is that malware infections in the Florida and Texas areas have seen a dramatic fall.
Data released by Enigma Software Group, makers of the SpyHunter anti-malware software, shows that infections in the Houston area showed a 52.5 percent drop from the average on August 29th.
With the launch of the iPhone X, Apple unleashed Face ID biometrics on the world. During a demonstration of the feature there was a SNAFU when Face ID failed to work as intended (due, Apple says, to staff playing around with the device beforehand), and there are many questions hanging over the idea of using one's face to unlock a phone -- Senator Al Franken has many questions, for example.
Among the questions posed by Franken and others are queries such as "what's to stop someone using a photo or mask to unlock my phone?", and "if a mugger steals my phone, could they not unlock it just be holding it in front of my face?" Good points, though Apple Senior VP Craig Federighi says there are built-in measures to prevent such instances of unauthorized unlocking.
Chrome will stop trusting any security certificates issued by Symantec, Google has confirmed.
In a blog post, Chrome Security's Devon O’Brien, Ryan Sleevi and Andrew Whalley say that certificates from the security firm will be "distrusted," starting with version Chrome 66. This affects all certificates issued before June 1, 2016.
From the moment Apple started to talk about Face ID, there were concerns voiced about privacy and security. It's not just security experts and potential users who have these worries; Senator Al Franken has written to Tim Cook asking for details about the safeguards Apple has put in place to protect users.
On top of this, Franken wants to know more about how Apple trained the Face ID algorithm, and seeks assurances that third parties will not be able to access or be granted access to Face ID data.
Cyber criminals supplementing their income by mining cryptocurrencies like Bitcoin is nothing new. Usually this has been done by installing malware or PUPs on the machines of unsuspecting users.
The Department of Homeland Security has told US government agencies to remove Kaspersky software from their systems. The directive was issued because of concerns about influence exerted over the company by the Russian government.
Government agencies have been given three months to identify and start to remove Kaspersky's security products. Kaspersky has constantly denied connections to the Russian government, but the US is simply not willing to take the risk.
A recent report from Check Point Research suggested that the presence of Windows Subsystem for Linux (WSL) in Windows 10 poses a security risk to Microsoft's operating system. Researchers from Check Point highlighted the issue of Bashware attacks which use WSL to bypass security products.
Microsoft, predictably enough, disagrees with the findings -- and so do other researchers. The Windows-maker says it views the risk of Bashware as "low". But is the company being too dismissive?
With internet threats showing no signs of slowing down, it's vital to keep all of your devices protected and this applies in the home as much as the workplace.
With the launch today of its latest consumer products, McAfee is aiming to protect against threats as well as offering online privacy and safety for the whole family.
It's widely accepted that there is a shortage of people with cyber security skills, yet a new study shows that companies are failing to give IT professionals -- the people implementing and operating security strategies for most organizations -- the training and responsibility they need to take on a more proactive cyber security role.
The study, from security training company (ISC)2 also reveals that many IT professionals feel their security guidance is being ignored by business leadership.
Armis Lab, the Internet of Things security firm, has revealed details of BlueBorne, a Bluetooth vulnerability that affects millions of iOS and Android smartphones, IoT devices, and Windows and Linux systems. In all, 5.3 billion devices are believed to be at risk.
The BlueBorne attack makes it possible for an attacker to spread malware or take control of nearby devices. What's particularly concerning is that for an attack to be successful, there is no need for device pairing, or even for a target device to be in discoverable mode. There's also no need for any sort of interaction by the victim -- everything can happen completely silently in the background.
Every home should have a Wi-Fi security camera nowadays. They are convenient, easy to use, and very affordable. It used to be a rather expensive affair to have security cameras installed in a home. Now? Not so much. Not only do they let you monitor your home remotely for security reasons, but they can help you keep an eye on family members and pets too.
Today, popular network hardware manufacturer TP-Link releases an all-new Wi-Fi security camera, and it looks rather nice. Called "KC120 Kasa Cam," it is inexpensive, making it a product homeowners should consider. It even comes with free cloud storage. The camera has some nice features and specs, such as 1080p video, night vision, activity alerts, 2-way audio communication, and an adjustable magnetic base for easy placement.
While many people welcomed the arrival of Windows Subsystem for Linux (WSL) in Windows 10, it has been found to be a potential security issue. A new technique known as a Bashware has been discovered by security researchers that makes it possible for malware to use the Linux shell to bypass security software.
While administrator access is needed to execute a Bashware attack, this is fairly easily obtained, and the technique can be used to disguise malicious operations from antivirus software and other security tools. Researchers from Check Point Research point out that the danger stems from the fact that "existing security solutions are still not adapted to monitor processes of Linux executables running on Windows."