5 years ago

Intel Security will discontinue McAfee SaaS products

Intel Security’s plans to decommission select McAfee software-as-a-service products mean customers will have to go through the entire deployment and provisioning all over again if they want to keep getting endpoint and email security. Related: Softpedia News, SecurityWeek [expand title=”More”] Softpedia News: Intel Retires All McAffee SaaS Email Security Products SecurityWeek: Intel Announces EoL for McAfee Email Security Products [/expand]
5 years ago

TalkTalk cyber-attack sparks calls for new regulatory powers

Warning that telecom firm’s security breach could cause problems that will last for years, including identity theft risksRegulators must be given significant new “US-style” powers to tackle the escalating problem of online fraud in the wake of the cyberattack that potentially potentially compromised the security of millions of TalkTalk customers, IT experts said. Related: The Register, The Register, The Guardian, The Guardian, Network World Security, VentureBeat, Cyber Parse, The Register, E Hacking News [expand title=”More”] The Register: TalkTalk plays ‘no legal obligation’ card on encryption – fails to think of the children (read: its customers) The Register: TalkTalk attack: ‘No legal obligation to encrypt customer bank details’, says chief The Guardian: TalkTalk boss says cybersecurity ‘head and shoulders’ above competitors The Guardian: TalkTalk shares fall another 7% after cyber-attack Network World Security: TalkTalk had ‘no legal obligation’ to encrypt customers’ sensitive data VentureBeat: U.K. ISP TalkTalk hires defense firm after hackers stole data from 4M customers Cyber Parse: TalkTalk: Hackers ‘Can’t Access Bank Accounts’ The Register: TalkTalk hush-hush on compo for up to 4 million customers after mega cyber attack E Hacking News: ‘Talk talk’ cyber attack [/expand]
5 years ago

Why IoT Security Is So Critical

An anonymous reader writes: Software engineer Ben Dickson starts off an opinion piece about Internet of Things security with this amusing comment: “Twenty years ago, if you told me my phone could be used to steal the password to my email account or to take a copy of my fingerprint data, I would’ve laughed at you and said you watch too much James Bond. Related: Softpedia News, Security Intelligence, TechCrunch [expand title=”More”] Softpedia News: Anonymous Hacks Thai Telecom Firm to Protest Internet Censorship Plans Security Intelligence: A Security Protocol for the Internet of Things TechCrunch: Why IoT Security Is So Critical [/expand]
5 years ago

Anonymous Targets Thai Govt, Leaks Data from State-owned Telecom Firm

Anonymous, the world famous hacktivist group, has now declared war on the Thai government due to its implementation of single internet gateway consolidation policy. Related: Softpedia News, Office of Inadequate Security [expand title=”More”] Softpedia News: Anonymous Hacks Thai Telecom Firm to Protest Internet Censorship Plans Office of Inadequate Security: Anonymous Targets Thai Govt, Leaks Data from State-owned Telecom Firm [/expand]
5 years ago

Judge dismisses Wikimedia lawsuit over NSA surveillance

A federal judge has dismissed a lawsuit by Wikimedia and other groups challenging one of the U.S. National Security Agency’s mass surveillance programs, the Baltimore Sun reported. Related: Boing Boing, BetaNews, Slashdot [expand title=”More”] Boing Boing: NSA spying: judge tosses out case because Wikipedia isn’t widely read enough BetaNews: Wikimedia case against NSA spying thrown out of court Slashdot: Judge Tosses Wikimedia’s Anti-NSA Lawsuit Because Wikipedia Isn’t Big Enough [/expand]
5 years ago

TalkTalk’s incompetence over hacking is actually making us more security savvy

With countless reports of companies losing control of users’ data, being hacked and putting private information out there for anyone to see, people are paying more attention than ever to exactly how they use online services. Related: VentureBeat, Graham Cluley [expand title=”More”] VentureBeat: We’re sitting on a big data time bomb Graham Cluley: TalkTalk was hacked. But it’s silly to ask if the data was encrypted [/expand]
5 years ago

TalkTalk cyber-attack not as bad as first thought, company says

Firm says customer data stolen ‘materially lower’ than thought and would not allow money to be taken from bank accountsTalkTalk has said the amount of customers’ financial information stolen by hackers is “materially lower” than first thought and would not allow money to be taken from bank accounts. Related: The Register, Bloomberg [expand title=”More”] The Register: TalkTalk attack: ‘No legal obligation to encrypt customer bank details’, says chief Bloomberg: TalkTalk Says Cyber Attack Targeted Website, Not Core Systems – Bloomberg [/expand]
5 years ago

Russian Cyberspies Targeted MH17 Crash Investigation

Security researchers from Trend Micro have found evidence that the Pawn Storm cyberespionage group set up rogue VPN and SFTP servers to target Dutch Safety Board employees before and after the report on the crash of Malaysia Airlines Flight 17 (MH17) was finalized. Related: Office of Inadequate Security, The Register, SC Magazine [expand title=”More”] Office of Inadequate Security: Russia ‘tried to hack MH17 inquiry system’ The Register: Hackers hit NATO, White House – then aimed at MH17 air disaster probe SC Magazine: Pawn Storm APT group returns, and this time, looks for sensitive MH17 plane crash info [/expand]
5 years ago

Audi Cars Hacked, but Only Airbag System Affected

The trend of car hacking revelations continues with three researchers from CrySys Lab and the Budapest University of Technology and Economics saying that they were able to quietly disable the airbags system on an Audi TT model. Related: SC Magazine, Security Affairs, Security Affairs, SC Magazine, The Register, The Register [expand title=”More”] SC Magazine: Researchers use exploit to disable Audi airbags Security Affairs: How to hack airbag in Audi TT on other models Security Affairs: How to hack airbag in Audi TT on other models SC Magazine: Researchers use exploit to disable Audi airbags The Register: Hackers pop grease monkeys’ laptops to disable Audi airbags The Register: Hackers pop grease monkeys’ laptops to disable Audi airbags [/expand]
5 years ago

LulzSec Revival Hacker Claims Responsibility for TalkTalk Hack

A hacker purporting to represent the group LulzSec has claimed responsibility for a DDoS attack that affected UK telecom TalkTalk this week. Related: Sky News, Bloomberg, Cyber Parse, Cyber Parse, HackRead, Mashable, Security Affairs, Security Affairs, The Hill, Krebs on Security, Tech Times, Naked Security, Security Affairs, Office of Inadequate Security, The Guardian, The Register, The Guardian, The Register, The Register, The Guardian [expand title=”More”] Sky News:TalkTalk Hack: Ransom Demand Received Bloomberg:TalkTalk Says Cyber Attack Targeted Website, Not Core Systems – Bloomberg Cyber Parse:TalkTalk: Hackers ‘Can’t Access Bank Accounts’ Cyber Parse:TalkTalk hack: what you need to know HackRead:UK’s largest Telecom Group TalkTalk Hacked, 4 Million Users at Risk Mashable:5 things you need to know about the TalkTalk cyberattack Security Affairs:TalkTalk CEO confirmed personally receiving a ransom demand Security Affairs:TalkTalk announced hackers have stolen ‘incomplete’ customer bank data The Hill:UK telecom hit by massive data breach Krebs on Security:TalkTalk Hackers Demanded £80K in Bitcoin Tech Times:TalkTalk Cyber Attack Compromises Bank Details Of Over 4 Million Customers [Update: Ransom Demand Received] Naked Security:TalkTalk suffers major data breach affecting up to 4 million customers Security Affairs:Alleged LulzSec member claims responsibility for the DDoS on TalkTalk Office of Inadequate Security:TalkTalk hacker ‘looking for money;’ ransom demand received The Guardian:TalkTalk cyber-attack sparks calls for new regulatory powers The Register:TalkTalk attack: ‘No legal obligation to encrypt customer bank details’, says chief The Guardian:TalkTalk cyber-attack not as bad as first thought, company says The Register:TalkTalk hush-hush on compo for up to 4 million customers after mega cyber attack The Register:Chaos at TalkTalk: Data was ‘secure’, not all encrypted, we took site down, were DDoSed The Guardian:Did TalkTalk breach the Data Protection Act? | Rik Ferguson [/expand]
5 years ago

New Oz Law Vastly Expands Retention of Telco Metadata

From Tuesday, telecommunications companies must keep much more data, and in most cases government agencies may access it without a warrant.
5 years ago

New Campaign Backdoors Cisco WebVPN

Researchers from security firm Volexity discovered a new attack campaign that targets a widely used VPN product by Cisco Systems to install backdoors that collect employees’ usernames and passwords used to login to corporate networks.
5 years ago

Sources Say Uber Traces Hack to IP Address of Rival Lyft’s CTO

Uber says a hack that revealed data on 50,000 of its drivers can be traced back to the IP address of the CTO of its chief rival, Lyft.
5 years ago

Obama Administration: No Encryption Legislation…Yet

After months of deliberation, the Obama administration has decided not to push for encryption legislation just now but hopes that companies create a way for law enforcement to gain access to encrypted data.