FTC to Fine Twitter for Using Consumer Data for Targeted Ads

Twitter revealed that the Federal Trade Commission may hit it with a fine up to $250 million for using consumers’ email addresses and phone numbers — collected for “safety and security” purposes — to target ads, something it said it did “inadvertently” between 2013 and 2019. This is a violation of its 2011 agreement with the FTC, in which Twitter agreed that it would no longer mislead consumers by not disclosing other potential uses. Twitter has already received a draft complaint from the FTC. Continue reading FTC to Fine Twitter for Using Consumer Data for Targeted Ads

Latest Twitter Hack Puts Spotlight on Internal Security Issues

Since 2015, Twitter chief executive Jack Dorsey and the company board have been warned annually about internal cybersecurity risks. In fact, there are about 1,500 employees plus contractors with the power to make changes in 186 million daily user accounts, and the company had experienced breaches due to internal sources. Then, on July 15, hackers tricked employees to compromise 130 Twitter accounts, including those of Jeff Bezos, Joe Biden, Barack Obama and Elon Musk, stealing data from eight unidentified accounts. Continue reading Latest Twitter Hack Puts Spotlight on Internal Security Issues

Prominent Twitter Accounts Hacked for Cryptocurrency Fraud

On Wednesday, scammers launched one of the most audacious attacks in recent memory, posting messages from the Twitter accounts of Joe Biden, Barack Obama, Kanye West, Bill Gates and Elon Musk that if people sent Bitcoin, the famous person would send back double the money. The first attack targeted high-profile cryptocurrency leaders and companies, but soon broadened to include a list of prominent U.S. politicians and entertainment and tech executives. It appears that an internal Twitter account was involved in the attacks, but it has yet to be determined whether an employee was willfully complicit. Continue reading Prominent Twitter Accounts Hacked for Cryptocurrency Fraud

‘Zoombombing’ on the Rise, Zoom Works to Improve Security

As use of Zoom Video Communications’ conferencing services have soared, the company’s chief executive Eric Yuan has had issues scaling up the popular app. The nine-year-old tool, once a favorite in the business world, is now ubiquitous among a wide swathe of consumers, educators and others. Issues with privacy and hacking have arisen, and Yuan admitted he “messed up” on security, especially with the claim — proven false — that Zoom offered end-to-end encryption. Yuan said the full encryption feature will be available in a few months. Meanwhile, some users are switching to other platforms. Continue reading ‘Zoombombing’ on the Rise, Zoom Works to Improve Security

Intel Issues a Patch to Address Concerns About Chip Security

According to researchers at security firm Positive Technologies, Intel chips that were released during the past five years contain a flaw that may allow hackers to overcome built-in security measures. The flaw is in the Converged Security and Management Engine (CSME), described as a subsystem inside CPUs and chipsets similar to AMD’s Platform Security Processor. Intel has issued a patch, but Positive Technologies said it may not be enough to protect systems containing the flawed products. Intel’s 10th generation processors are reportedly not among those affected. Continue reading Intel Issues a Patch to Address Concerns About Chip Security

Ransomware Attacks Increase and Demand Bigger Payouts

An increasing number of cities, hospitals and businesses are being attacked by ransomware, by which bad actors shut down the victim’s computer network until a ransom is paid. Up until now, these attacks have been hard to measure since many of those impacted quietly paid the ransom without notifying any authorities. Security firm Emsisoft just reported a 41 percent increase in ransomware attacks between 2018 and 2019, with 205,280 businesses and other groups submitting evidence of such intrusions in 2019. Continue reading Ransomware Attacks Increase and Demand Bigger Payouts

Google Bypasses Cloud to Offer AI to Enterprise Customers

AI can enable many important tasks from manufacturing to medicine, but only if the applications are speedy and secure. Communication via the cloud adds latency and risks privacy, which is why Google worked on a solution — dubbed Coral — that avoids centralized data centers. Coral product manager Vikram Tank described Coral as a “platform of [Google] hardware and software components … that help you build devices with local AI — providing hardware acceleration for neural networks … right on the edge device.” Continue reading Google Bypasses Cloud to Offer AI to Enterprise Customers

NSA Discovers Windows Vulnerability — and Tells Microsoft

The National Security Agency (NSA) discovered a vulnerability in versions of Windows and, instead of retaining it, reported it to Microsoft, which is now patching the flaw in its handling of certificate and cryptographic messaging functions. The vulnerability could have enabled attackers to use malicious code that would pretend to be legitimate software. Microsoft also warned all current users of Windows 7 Home Basic, Home Premium, Professional or Ultimate to upgrade immediately. Continue reading NSA Discovers Windows Vulnerability — and Tells Microsoft

Las Vegas Was a Target of Cyberattack While Hosting CES

Early Tuesday morning, just as CES 2020 was getting underway, the team that monitors computers for Las Vegas detected a potential cyberattack as the city’s systems were reportedly compromised. While city officials tweeted about the breach, the information was light on details regarding which operations had been affected or the extent of the attack. The timing was unfortunate, since the annual CES confab is one of the largest events in Las Vegas. Last year, the show attracted more than 175,000 people and 4,400 exhibitors, including a number of Fortune 500 companies. Continue reading Las Vegas Was a Target of Cyberattack While Hosting CES

CES 2020: Experts Consider Cybersecurity For Smart Cities

The smart city was the topic of a CES conversation moderated by Strategic Cyber Ventures chief executive Hank Thomas, whose expertise was gained in relevant military and government work. Columbus, Ohio won the U.S. Department of Transportation’s first Smart City Challenge, and Smart Columbus director Jordan Davis reported that this win came with $50 million in grant funding, which was matched locally. “There is no clear definition of what a smart city is,” Davis noted. “But seamless connectivity is the ideal.” Continue reading CES 2020: Experts Consider Cybersecurity For Smart Cities

Multiple Bugs Made Zoom Hardware Susceptible to Hackers

In July, security firm Forescout discovered that DTEN touchscreen smart TVs, one of video conference service Zoom’s “certified hardware providers,” can be hacked to allow evildoers to bug conference rooms and capture video feeds and whiteboard notes. A two-week study of the DTEN D5 and D7 connected displays revealed five bugs, three of which have been patched but two of which remain. After Forescout disclosed the flaws to DTEN, it decided to go public to raise awareness of the security threat. Continue reading Multiple Bugs Made Zoom Hardware Susceptible to Hackers

5G Offers Wireless Carriers More Security, Privacy Options

One of the benefits of 5G, expected to be 100 times faster than 4G networks, is the improved protection of sensitive data. Much of the conversation about 5G networks has focused on the security issues related to Chinese vendors of gear used in 5G networks. But Verizon chief information officer Chandra McMahon noted that “security is designed into 5G and there will be additional [security] technical features.” Another advantage is that 5G providers will rely on the cloud, providing more capacity and flexibility. Continue reading 5G Offers Wireless Carriers More Security, Privacy Options

Russia Boosts Efforts to Foil Extradition of Hackers to U.S.

Russian hackers have been responsible for serious cybercrimes in the last few years, including Sandworm, a group of hackers who attacked the 2018 Olympics, among other targets. Now, Russia is seeking to replace the 2001 Budapest Convention on Cybercrime with a new agreement that will align with its interests. The country is playing hardball in its attempt to prevent its citizens arrested abroad to be extradited to the U.S. for trial, including holding an Israeli citizen for trade with a Russian hacker held in that country. Continue reading Russia Boosts Efforts to Foil Extradition of Hackers to U.S.

Hackers Increasingly Use SIM-Swapping to Hijack Accounts

Last week, hackers took over the Twitter account of that company’s chief executive Jack Dorsey, using SIM-swapping, a technique that lets hackers access social media, email, financial accounts and other sensitive data. SIM-swapping, by which hackers take over the target’s phone, is being used to steal money and take over the “online personae” of celebrities, politicians and other notable people. In response, Twitter temporarily turned off the feature that allows users to send tweets via text message. Continue reading Hackers Increasingly Use SIM-Swapping to Hijack Accounts

DARPA Attempts to Stop Automated Disinformation Attacks

The Defense Advanced Research Projects Agency (DARPA) published a concept document for the Semantic Forensics (SemaFor) program, aimed at stopping “large-scale, automated disinformation attacks,” by detecting fakes among thousands of audio clips, photos, stories and video. As the 2020 Presidential election approaches, U.S. officials are working to prevent hackers from spreading disinformation on social platforms, but Senate majority leader Mitch McConnell won’t consider any election security laws. Continue reading DARPA Attempts to Stop Automated Disinformation Attacks

Page 1 of 9123456789