‘Zoombombing’ on the Rise, Zoom Works to Improve Security

As use of Zoom Video Communications’ conferencing services have soared, the company’s chief executive Eric Yuan has had issues scaling up the popular app. The nine-year-old tool, once a favorite in the business world, is now ubiquitous among a wide swathe of consumers, educators and others. Issues with privacy and hacking have arisen, and Yuan admitted he “messed up” on security, especially with the claim — proven false — that Zoom offered end-to-end encryption. Yuan said the full encryption feature will be available in a few months. Meanwhile, some users are switching to other platforms. Continue reading ‘Zoombombing’ on the Rise, Zoom Works to Improve Security

Intel Issues a Patch to Address Concerns About Chip Security

According to researchers at security firm Positive Technologies, Intel chips that were released during the past five years contain a flaw that may allow hackers to overcome built-in security measures. The flaw is in the Converged Security and Management Engine (CSME), described as a subsystem inside CPUs and chipsets similar to AMD’s Platform Security Processor. Intel has issued a patch, but Positive Technologies said it may not be enough to protect systems containing the flawed products. Intel’s 10th generation processors are reportedly not among those affected. Continue reading Intel Issues a Patch to Address Concerns About Chip Security

Ransomware Attacks Increase and Demand Bigger Payouts

An increasing number of cities, hospitals and businesses are being attacked by ransomware, by which bad actors shut down the victim’s computer network until a ransom is paid. Up until now, these attacks have been hard to measure since many of those impacted quietly paid the ransom without notifying any authorities. Security firm Emsisoft just reported a 41 percent increase in ransomware attacks between 2018 and 2019, with 205,280 businesses and other groups submitting evidence of such intrusions in 2019. Continue reading Ransomware Attacks Increase and Demand Bigger Payouts

Google Bypasses Cloud to Offer AI to Enterprise Customers

AI can enable many important tasks from manufacturing to medicine, but only if the applications are speedy and secure. Communication via the cloud adds latency and risks privacy, which is why Google worked on a solution — dubbed Coral — that avoids centralized data centers. Coral product manager Vikram Tank described Coral as a “platform of [Google] hardware and software components … that help you build devices with local AI — providing hardware acceleration for neural networks … right on the edge device.” Continue reading Google Bypasses Cloud to Offer AI to Enterprise Customers

NSA Discovers Windows Vulnerability — and Tells Microsoft

The National Security Agency (NSA) discovered a vulnerability in versions of Windows and, instead of retaining it, reported it to Microsoft, which is now patching the flaw in its handling of certificate and cryptographic messaging functions. The vulnerability could have enabled attackers to use malicious code that would pretend to be legitimate software. Microsoft also warned all current users of Windows 7 Home Basic, Home Premium, Professional or Ultimate to upgrade immediately. Continue reading NSA Discovers Windows Vulnerability — and Tells Microsoft

Las Vegas Was a Target of Cyberattack While Hosting CES

Early Tuesday morning, just as CES 2020 was getting underway, the team that monitors computers for Las Vegas detected a potential cyberattack as the city’s systems were reportedly compromised. While city officials tweeted about the breach, the information was light on details regarding which operations had been affected or the extent of the attack. The timing was unfortunate, since the annual CES confab is one of the largest events in Las Vegas. Last year, the show attracted more than 175,000 people and 4,400 exhibitors, including a number of Fortune 500 companies. Continue reading Las Vegas Was a Target of Cyberattack While Hosting CES

CES 2020: Experts Consider Cybersecurity For Smart Cities

The smart city was the topic of a CES conversation moderated by Strategic Cyber Ventures chief executive Hank Thomas, whose expertise was gained in relevant military and government work. Columbus, Ohio won the U.S. Department of Transportation’s first Smart City Challenge, and Smart Columbus director Jordan Davis reported that this win came with $50 million in grant funding, which was matched locally. “There is no clear definition of what a smart city is,” Davis noted. “But seamless connectivity is the ideal.” Continue reading CES 2020: Experts Consider Cybersecurity For Smart Cities

Multiple Bugs Made Zoom Hardware Susceptible to Hackers

In July, security firm Forescout discovered that DTEN touchscreen smart TVs, one of video conference service Zoom’s “certified hardware providers,” can be hacked to allow evildoers to bug conference rooms and capture video feeds and whiteboard notes. A two-week study of the DTEN D5 and D7 connected displays revealed five bugs, three of which have been patched but two of which remain. After Forescout disclosed the flaws to DTEN, it decided to go public to raise awareness of the security threat. Continue reading Multiple Bugs Made Zoom Hardware Susceptible to Hackers

5G Offers Wireless Carriers More Security, Privacy Options

One of the benefits of 5G, expected to be 100 times faster than 4G networks, is the improved protection of sensitive data. Much of the conversation about 5G networks has focused on the security issues related to Chinese vendors of gear used in 5G networks. But Verizon chief information officer Chandra McMahon noted that “security is designed into 5G and there will be additional [security] technical features.” Another advantage is that 5G providers will rely on the cloud, providing more capacity and flexibility. Continue reading 5G Offers Wireless Carriers More Security, Privacy Options

Russia Boosts Efforts to Foil Extradition of Hackers to U.S.

Russian hackers have been responsible for serious cybercrimes in the last few years, including Sandworm, a group of hackers who attacked the 2018 Olympics, among other targets. Now, Russia is seeking to replace the 2001 Budapest Convention on Cybercrime with a new agreement that will align with its interests. The country is playing hardball in its attempt to prevent its citizens arrested abroad to be extradited to the U.S. for trial, including holding an Israeli citizen for trade with a Russian hacker held in that country. Continue reading Russia Boosts Efforts to Foil Extradition of Hackers to U.S.

Hackers Increasingly Use SIM-Swapping to Hijack Accounts

Last week, hackers took over the Twitter account of that company’s chief executive Jack Dorsey, using SIM-swapping, a technique that lets hackers access social media, email, financial accounts and other sensitive data. SIM-swapping, by which hackers take over the target’s phone, is being used to steal money and take over the “online personae” of celebrities, politicians and other notable people. In response, Twitter temporarily turned off the feature that allows users to send tweets via text message. Continue reading Hackers Increasingly Use SIM-Swapping to Hijack Accounts

DARPA Attempts to Stop Automated Disinformation Attacks

The Defense Advanced Research Projects Agency (DARPA) published a concept document for the Semantic Forensics (SemaFor) program, aimed at stopping “large-scale, automated disinformation attacks,” by detecting fakes among thousands of audio clips, photos, stories and video. As the 2020 Presidential election approaches, U.S. officials are working to prevent hackers from spreading disinformation on social platforms, but Senate majority leader Mitch McConnell won’t consider any election security laws. Continue reading DARPA Attempts to Stop Automated Disinformation Attacks

2017 Data Breach Likely to Cost Equifax Up to $700 Million

In September 2017, hackers broke into credit agency Equifax, compromising almost 150 million Social Security numbers and other personal information. Now, according to sources, under the terms of an agreement with the Federal Trade Commission, Consumer Financial Protection Bureau and most state attorneys general, Equifax will pay about $700 million to settle with these agencies as well as a nationwide consumer class-action lawsuit. The exact amount of the settlement depends on the number of consumer claims ultimately filed. Continue reading 2017 Data Breach Likely to Cost Equifax Up to $700 Million

Researchers Identify Bugs in Microsoft Excel, Apple macOS

Threat intelligence firm Mimecast revealed that hackers are exploiting a Microsoft Excel feature called Power Query to facilitate Office 365 attacks. This feature lets legitimate users combine data from various sources by linking to those components in a spreadsheet. Hackers replace a link with another that leads to a site infected with malware. The hacked Excel spreadsheets then allow attackers to install backdoors, using the software program’s own tools. Meanwhile, Apple has yet to fix a macOS bug first identified by a cybersecurity researcher in February. Continue reading Researchers Identify Bugs in Microsoft Excel, Apple macOS

Cybersecurity Report Finds Extensive Flaws in Huawei Gear

Ohio-based cybersecurity firm Finite State released a report that documents flaws in Huawei Technologies’ equipment that can be used by hackers. According to the report, these flaws are much more extensive than those found in similar gear from rival companies. The report does not, however, accuse the company of incorporating these flaws deliberately and does not comment on U.S. claims that the Chinese company uses such flaws to conduct espionage. The flaws were found in firmware, which enables a computer’s hardware. Continue reading Cybersecurity Report Finds Extensive Flaws in Huawei Gear

Page 1 of 9123456789