Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
A lack of security on WeWork‘s WiFi network has left sensitive user data exposed. In August, Fast Company revealed that WeWork had used the same WiFi password at many of its rentable shared co-working spaces for years, a password that appears in plain text on WeWork’s app.  The security of the real estate company’s WiFi came under further
0 Comments
The City of Los Angeles and IBM are joining forces with the LA Cyber Lab to help local businesses combat cybercrime. In a new project announced by IBM Security on September 17, the American multi-national IT company will provide technologies and data that will give the city’s commercial movers and shakers an edge in the event of a cyber-attack.
0 Comments
by Danny Bradbury A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages. The bug makes it possible for an attacker to delete a server by hijacking a user’s account in phpMyAdmin, a 21-year-old open-source tool used to manage MySQL and MariaDB databases. The flaw
0 Comments
In a surprise u-turn, senate Republicans have decided to back Democrat calls for an extra $250m to enhance the security of the nation’s voting infrastructure. Speaking on the floor yesterday, senate majority leader Mitch McConnell said: “I’m proud the Financial Services & General Government bill will include a bipartisan amendment providing another $250 million for
0 Comments
by Lisa Vaas Facebook’s original motto: “Move fast and break things.” France’s finance minister Bruno Le Maire: Non merci, not our global economy, you don’t. Last week, on Thursday, 13 September, Le Maire said in a speech at the OECD Global Blockchain Policy Forum 2019 – a digital currency conference – that he sees Facebook’s
0 Comments
A new government-backed report has warned that the growing use of automation and machine learning algorithms in policing could be amplifying bias, in the absence of consistent guidelines. Commissioned by the Centre for Data Ethics and Innovation (CDEI), which sits in the Culture Department, the report from noted think tank the Royal United Services Institute
0 Comments
by Lisa Vaas An Ohio gamer who got into a spat over a $1.50 wager that led to the death-by-swatting of an innocent man has been sentenced to 15 months in prison, the Department of Justice (DOJ) announced on Friday. Casey S. Viner, 19, pleaded guilty to one count of conspiracy and one count of
0 Comments
by Danny Bradbury Kyle Milliken is back from jail, and he has some advice for you. The 30-year-old hacker from Arkansas, according to his blog, at age 17 began phishing celebrity Myspace accounts and using them to send internet marketing spam. After earning $5,000 per week, he evolved to hack millions of email, forum, and
0 Comments
by Danny Bradbury There’s another vulnerability in Intel chips, with another catchy name: NetCAT. The researchers who discovered it say that attackers could use it to find out what other users on a server are typing. Don’t recoil in horror yet, though – exploiting it would be a challenge. The attack revolves around a technology
0 Comments
American software giant Symantec is cutting hundreds of jobs at four different sites across the US as part of a $100 million restructuring program. Government filings of notices made by the company in August under the Worker Adjustment and Retraining Notification (WARN) Act indicate that the roles of 230 Symantec employees will be terminated on October 15,
0 Comments
by Paul Ducklin In the past few days, we’ve written about both Mozilla and Google adopting DNS-over-HTTPS in their browsers. We’re supposed to use HTTPS wherever we can, so “something-over-HTTPS” sounds as though it ought to be more secure than “the-same-something-not-encrypted-at-all”… …and yet not everyone is happy about this whole DNS-over-HTTPS thing. Can more security
0 Comments
Speaking at 44CON, Pen Test Partners researchers Tony Gee and Vangelis Stykas demonstrated vulnerabilities in GPS trackers, which enabled them to call premium rate phone numbers, and possibly influence the outcome of television talent shows. Gee said that there is demand for GPS trackers, which are used in watches for kids, cars and even on
0 Comments
The past 15 years has seen huge changes in the cybersecurity-related search terms internet users are deploying to find out more about the industry, with anti-virus supplanted by emerging next-gen solutions, according to new data from RedScan. Taking its cue from Google’s Year in Search report, the security vendor decided to analyze the past decade-and-a-half of
0 Comments
by Danny Bradbury Following hot on Mozilla’s trail, Google officially announced its own DNS-over-HTTPS (DoH) experiment in Chrome this week. Mozilla recently announced that it would turn on DoH by default for users of the Firefox browser’s desktop version in the US. This provides some privacy protections compared with regular DNS queries, although as Paul
0 Comments
by John E Dunn A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention. Affecting all versions from 4.80 up to and including 4.92.1, Exim’s maintainers have offered a general description of the flaw (CVE-2019-15846) discovered in July 2019 by a researcher identified as ‘Zerons’. Subsequently confirmed by
0 Comments
As the digital society evolves, security and risk management can keep up if they have a suitable vision. Speaking at the Gartner Security and Risk Management Summit in London, Tom Scholtz, distinguished VP analyst at Gartner, said that while “digital society is evolving” it is “adding complexity to challenges.” Scholtz added that those organizations that differentiate
0 Comments
by Danny Bradbury A senior executive at private browser company Brave has accused Google of using a workaround that lets it identify users to ad networks. The system violates GDPR – the EU’s data protection regulation – he said. Brave’s chief policy and industry relations officer Dr Johnny Ryan made the accusation against Google’s Authorized
0 Comments
by Danny Bradbury YouTube can’t track kids online anymore without their parents’ permission, says the FTC – as it just fined the Google-subsidiary $170m to demonstrate just how serious it is. The penalty follows a complaint filed by the FTC and the New York Attorney General that YouTube had violated the Children’s Online Privacy Protection