A lack of security on WeWork‘s WiFi network has left sensitive user data exposed. In August, Fast Company revealed that WeWork had used the same WiFi password at many of its rentable shared co-working spaces for years, a password that appears in plain text on WeWork’s app.  The security of the real estate company’s WiFi came under further

by John E Dunn IBM has boosted its growing stable of quantum computers with a new 53-quantum bit (qubit) device, the most powerful ever offered for commercial use. Google announced a more powerful 72-qubit ‘Bristlecone’ model last year, but that was for its internal techies only. IBM’s, by contrast, feels significant because it can be

The City of Los Angeles and IBM are joining forces with the LA Cyber Lab to help local businesses combat cybercrime. In a new project announced by IBM Security on September 17, the American multi-national IT company will provide technologies and data that will give the city’s commercial movers and shakers an edge in the event of a cyber-attack.

by Danny Bradbury A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages. The bug makes it possible for an attacker to delete a server by hijacking a user’s account in phpMyAdmin, a 21-year-old open-source tool used to manage MySQL and MariaDB databases. The flaw

In a surprise u-turn, senate Republicans have decided to back Democrat calls for an extra $250m to enhance the security of the nation’s voting infrastructure. Speaking on the floor yesterday, senate majority leader Mitch McConnell said: “I’m proud the Financial Services & General Government bill will include a bipartisan amendment providing another $250 million for

by Lisa Vaas Facebook’s original motto: “Move fast and break things.” France’s finance minister Bruno Le Maire: Non merci, not our global economy, you don’t. Last week, on Thursday, 13 September, Le Maire said in a speech at the OECD Global Blockchain Policy Forum 2019 – a digital currency conference – that he sees Facebook’s

Facebook has taken down hundreds of Facebook and Instagram Pages and accounts after two separate coordinated campaigns were discovered attempting to influence user behavior in Iraq and Ukraine. It’s possible that the fake news operations were an attempt to peddle misinformation ahead of elections in the Middle East nation last year and in the eastern

by Danny Bradbury An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today. Those topping the list are decades old, showing us that we’ve a long way to go in the journey to creating quality software. The Common Weakness Enumeration (CWE) project analysed reams of bug

A new government-backed report has warned that the growing use of automation and machine learning algorithms in policing could be amplifying bias, in the absence of consistent guidelines. Commissioned by the Centre for Data Ethics and Innovation (CDEI), which sits in the Culture Department, the report from noted think tank the Royal United Services Institute

by Lisa Vaas An Ohio gamer who got into a spat over a $1.50 wager that led to the death-by-swatting of an innocent man has been sentenced to 15 months in prison, the Department of Justice (DOJ) announced on Friday. Casey S. Viner, 19, pleaded guilty to one count of conspiracy and one count of

A new testing service has been launched with the aim of gauging and ranking job candidates based on their technical skillsets. TechRank, created by Pioneer Labs, is run by tech consultants and sources, tests and objectively ranks tech talent, helping companies hire the best and most capable person for tech-based roles. TechRank seeks to eliminate the subjectivity

by Danny Bradbury Kyle Milliken is back from jail, and he has some advice for you. The 30-year-old hacker from Arkansas, according to his blog, at age 17 began phishing celebrity Myspace accounts and using them to send internet marketing spam. After earning $5,000 per week, he evolved to hack millions of email, forum, and

Israeli police have arrested several employees of a domestic company that makes cyber-surveillance tools and raided its offices over the weekend, according to local reports. Although a court order has prevented many details of the case from making it into the public domain, including the identity of the suspects, the arrests were apparently made under

by Lisa Vaas The Republic of the Marshall Islands (RMI) is forging ahead with its plans to issue a blockchain-based, national currency – the Marshallese sovereign (SOV). This is in spite of naysayers (including the US government) predicting that it will be unstable, and/or will crash the local telecom system of this tiny Pacific island

Two employees of a Colorado cybersecurity firm hired to test the security of an Iowa courthouse have been charged with burglary after allegedly breaking into the building.   Gary Edward Demercurio, 43, of Seattle, Wash., and Justin Lawson Wynn, 29, of Naples, Fla., were arrested at approximately 1 a.m. on Wednesday morning after being found inside

by Danny Bradbury There’s another vulnerability in Intel chips, with another catchy name: NetCAT. The researchers who discovered it say that attackers could use it to find out what other users on a server are typing. Don’t recoil in horror yet, though – exploiting it would be a challenge. The attack revolves around a technology

American software giant Symantec is cutting hundreds of jobs at four different sites across the US as part of a $100 million restructuring program. Government filings of notices made by the company in August under the Worker Adjustment and Retraining Notification (WARN) Act indicate that the roles of 230 Symantec employees will be terminated on October 15,

by Paul Ducklin In the past few days, we’ve written about both Mozilla and Google adopting DNS-over-HTTPS in their browsers. We’re supposed to use HTTPS wherever we can, so “something-over-HTTPS” sounds as though it ought to be more secure than “the-same-something-not-encrypted-at-all”… …and yet not everyone is happy about this whole DNS-over-HTTPS thing. Can more security

Speaking at 44CON, Pen Test Partners researchers Tony Gee and Vangelis Stykas demonstrated vulnerabilities in GPS trackers, which enabled them to call premium rate phone numbers, and possibly influence the outcome of television talent shows. Gee said that there is demand for GPS trackers, which are used in watches for kids, cars and even on

by John E Dunn Is this week’s test pilot launch of Mozilla Private Network the moment browser VPNs finally become a must-have privacy feature? Available as a free beta extension for desktop Firefox, initially in the US only, its arrival is certainly promising. It’s not the first browser to offer this feature – that honour

The past 15 years has seen huge changes in the cybersecurity-related search terms internet users are deploying to find out more about the industry, with anti-virus supplanted by emerging next-gen solutions, according to new data from RedScan. Taking its cue from Google’s Year in Search report, the security vendor decided to analyze the past decade-and-a-half of

by Danny Bradbury Following hot on Mozilla’s trail, Google officially announced its own DNS-over-HTTPS (DoH) experiment in Chrome this week. Mozilla recently announced that it would turn on DoH by default for users of the Firefox browser’s desktop version in the US. This provides some privacy protections compared with regular DNS queries, although as Paul

Speaking at the Gartner Security and Risk Management Summit in London, Gartner director analyst Sam Olyaei said that the topic of “questions on security and risk that you must be prepared to answer at your board meetings” was one of the most popular subjects. He said that the company was getting around 100 enquires a

by Danny Bradbury Imagine this: you’re at a party one Saturday night and, at 1 a.m. decide to send your best pal a picture of yourself doing a headstand wearing nothing but a pink tutu, slamming a litre of Smithwick’s finest from a beer bong. Unfortunately, your best pal’s name is Sue, which also happens

At the Gartner Security & Risk Management Summit 2019 in London, Andy Powell, CISO at Maersk, outlined the key lessons learned from the NotPetya malware attack the company, along with many others, suffered in 2017. “Maersk was not alone [in being hit by NotPetya] and anybody that thinks that Maersk was the single biggest example,

by John E Dunn A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention. Affecting all versions from 4.80 up to and including 4.92.1, Exim’s maintainers have offered a general description of the flaw (CVE-2019-15846) discovered in July 2019 by a researcher identified as ‘Zerons’. Subsequently confirmed by

As the digital society evolves, security and risk management can keep up if they have a suitable vision. Speaking at the Gartner Security and Risk Management Summit in London, Tom Scholtz, distinguished VP analyst at Gartner, said that while “digital society is evolving” it is “adding complexity to challenges.” Scholtz added that those organizations that differentiate

by Danny Bradbury A senior executive at private browser company Brave has accused Google of using a workaround that lets it identify users to ad networks. The system violates GDPR – the EU’s data protection regulation – he said. Brave’s chief policy and industry relations officer Dr Johnny Ryan made the accusation against Google’s Authorized

The United States Department of Defense (DOD) is marking the country’s first ever Insider Threat Awareness Month by training staff in insider threat detection.  The DOD, together with other federal agencies, will be teaching its employees to be on the lookout for indicators that a co-worker may be stealing sensitive or classified information, hatching a

by Danny Bradbury YouTube can’t track kids online anymore without their parents’ permission, says the FTC – as it just fined the Google-subsidiary $170m to demonstrate just how serious it is. The penalty follows a complaint filed by the FTC and the New York Attorney General that YouTube had violated the Children’s Online Privacy Protection