Cyber security news October 2019

This posting is here to collect cyber security news in October 2019.

I post links to security vulnerability news to comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.

 

223 Comments

  1. Tomi Engdahl says:

    White-hat hacks Muhstik ransomware gang and releases decryption keys
    https://www.zdnet.com/article/white-hat-hacks-muhstik-ransomware-gang-and-releases-decryption-keys/

    Annoyed victim hacks back ransomware gang and releases all their decryption keys, along with a free decrypter.

    Reply
  2. Tomi Engdahl says:

    Wisconsin workers embedded with microchips
    https://www.usatoday.com/story/tech/talkingtech/2017/08/01/wisconsin-employees-got-embedded-chips/529198001/

    Three Market Square says it will be a “convenience” for workers

    Sporting “I Got Chipped” T-shirts, some 40 workers at Three Square Market, a firm that makes cafeteria kiosks aimed at replacing vending machines, got tiny rice-sized microchips embedded in their hands.

    The company would like to see payments go cashless, as iPhone users do with Apple Pay. Except in this case, consumers use their hand instead of a smartphone to pay.  

    Reply
  3. Tomi Engdahl says:

    France is creating – and speeding up the rollout of – a nationwide program using facial recognition to create legal digital identities for its citizens.

    The program is called Alicem – an acronym for “certified online authentification on mobile”.

    https://nakedsecurity-sophos-com.cdn.ampproject.org/c/s/nakedsecurity.sophos.com/2019/10/08/nationwide-facial-recognition-program-underway-in-france/amp/

    Reply
  4. Tomi Engdahl says:

    CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device.

    D-Link won’t patch a critical unauthenticated command-injection vulnerability in its routers that could allow an attacker to remotely take over the devices and execute code.

    The vulnerability (CVE-2019-16920) exists in the latest firmware for the DIR-655, DIR-866L, DIR-652 and DHP-1565 products, which are Wi-Fi routers for the home market.

    The root cause of the vulnerability, according to Fortinet, is a lack of a sanity check for arbitrary commands that are executed by the native command-execution function.

    Fortinet describes this as a “typical security pitfall suffered by many firmware manufacturers.”

    D-Link Home Routers Open to Remote Takeover Will Remain Unpatched
    https://threatpost.com/d-link-home-routers-unpatched/148941/

    Reply
  5. Tomi Engdahl says:

    Obsessed fan finds Japanese idol’s home by zooming in on her eyes
    https://www.asiaone.com/asia/obsessed-fan-finds-japanese-idols-home-zooming-her-eyes

    Did you know that high-resolution phone cameras can expose more than just pimples and pores? You might be revealing your location to internet predators without even realising it.

    fan figured out her address from selfies she posted on social media — just by zooming in on the reflection on her pupils, according to media reports.

    The fan, Hibiki Sato, 26, managed to identify a bus stop and the surrounding scenery from the reflection on Matsuoka’s eyes and matched them to a street using Google Maps.

    Sato had even approximated the storey Matsuoka lived on based on the windows and the angle of the sunlight in her eyes.

    Reply
  6. Tomi Engdahl says:

    Paul Wagenseil / Tom’s Guide:
    D-Link won’t patch a remote exploit in four of its routers, saying they are end-of-life, despite some being discontinued in 2018 and still being sold on Amazon

    D-Link Won’t Fix Serious Security Flaw on Four Wi-Fi Routers
    https://www.tomsguide.com/news/d-link-wont-fix-serious-security-flaw-on-four-wi-fi-routers

    Reply
  7. Tomi Engdahl says:

    Catalin Cimpanu / ZDNet:
    Researchers find that hackers have breached Volusion, a Shopify rival, delivering malicious JavaScript code to between 6,500 and 20,000 online stores
    https://www.zdnet.com/article/hackers-breach-volusion-and-start-collecting-card-details-from-thousands-of-sites/

    Reply
  8. Tomi Engdahl says:

    Alfred Ng / CNET:
    More than 30 civil rights groups sign an open letter asking mayors and city councils to cancel 500+ existing local police partnerships with Amazon’s Ring

    Ring’s police partnerships must end, say more than 30 civil rights groups
    https://www.cnet.com/news/more-than-30-civil-rights-groups-call-for-end-to-rings-police-partnerships/

    An open letter urges local lawmakers to cancel all existing police deals with Amazon’s video doorbell company.

    Reply
  9. Tomi Engdahl says:

    “Normally it works like this:

    someone gets infected by [ransomware](https://www.tripwire.com/state-of-security/security-data-protection/decryption-keys-released-by-developer-of-hildacrypt-ransomware/), and then they pay the ransom. The victim then licks their wounds and hopefully learns something from the experience.

    And that’s what happened to Tobias Frömel, a German developer and web designer

    Frömel decided to hack the very people responsible for the attack.

    After decrypting his own data, Frömel analyzed the ransomware that had infected his NAS drive, determined how it worked, “hacked back” and stole the criminal’s “whole database with keys.”

    From the sound of things, whoever was behind the Muhstik attack was more successful at writing ransomware than securing their own database from a web developer.”

    https://www.tripwire.com/state-of-security/featured/ransomware-victim-hacks-attacker-stealing-decryption-keys/

    Reply
  10. Tomi Engdahl says:

    Extra-trees classifiers could assign every operator on a network a reputation score, so serial hijackers could easily be identified from legitimate network providers.

    A Machine Learning Classifier Can Spot Serial Hijackers Before They Strike
    https://spectrum.ieee.org/tech-talk/telecom/internet/mit-and-caida-researchers-want-to-use-machine-learning-to-plug-one-of-the-internets-biggest-holes

    “BGP [hacking] is one way to sniff at traffic, or steal traffic,” says Cecilia Testart, a graduate student at MIT’s Computer Science and Artificial Intelligence Lab (CSAIL). ”Given that the Internet is becoming more and more critical, we should try and prevent these attacks.”

    Reply
  11. Tomi Engdahl says:

    Scammers are fooling millennials out of millions of dollars: Here’s how
    https://eu.freep.com/story/money/personal-finance/susan-tompor/2019/10/09/millennials-job-scam-google-hangouts-interview/3896459002/

    The interviewer for the food packaging company seemed to want to fill a real job.

    The pay was great:

    Then the company ended up sending a cashier’s check via FedEx for around $1,099. She was to deposit the check in her bank and use the money to buy a fax machine, a copy machine and a MacBook Pro to work from home.

    OK, but all that stuff would have cost her around $3,000, based on her estimates.

    She began to wonder if the check was even real.

    She discovered it was a fake check, thankfully before she deposited it.

    “If I would have put that into my checking account, I would have owed all that money back and I don’t have all that money to pay back,” she said.

    Millennials in their 20s and 30s are falling at a fast clip for online shopping fraud, con artists who pretend to be your boss, imposters who pretend to be from the federal government, fake check scams and business opportunities or work-at-home jobs.

    Millennials, for example, are twice as likely as people who are 40 and older to report losing money while shopping online

    Reply
  12. Tomi Engdahl says:

    Homeland Security’s cybersecurity division is pushing to change the law that would allow it to demand information from internet providers that would identify the owners of vulnerable systems

    DHS cyber unit wants to subpoena ISPs to identify vulnerable systems
    https://techcrunch.com/2019/10/09/cisa-subpoena-powers-isp-vulnerable-systems/

    Reply
  13. Tomi Engdahl says:

    This just got real: US, UK agencies issue joint VPN security alert
    https://techbeacon.com/security/just-got-real-us-uk-agencies-issue-joint-vpn-security-alert?amp&__twitter_impression=true

    Spy agencies in the US and UK are jointly warning of big trouble for many users of enterprise VPNs. Hacker groups—some state-sponsored—are wreaking havoc at sites that haven’t patched their installations.

    What’s the craic? Liam Tung has this warning for VPN users—Patch now, warns spy agency:

    If your employees are using … VPNs from Fortinet, Palo Alto, or Pulse Secure, you really need to patch the products and search … for signs of compromise. … A group of Chinese state-backed hackers known as APT5 have been attacking enterprise VPN servers.

    Reply
  14. Tomi Engdahl says:

    Network data from the NetBlocks internet observatory confirm that Iraq has introduced a nighttime internet curfew, .

    Measurement data show that internet access has been systematically cut for the second consecutive night between the hours of 5:00 p.m. and 7:00 a.m. Baghdad time

    Iraq enters internet history as the first recorded country to implement a systematic nighttime curfew at nation-scale by cutting and restoring internet access at the same times for two consecutive nights.

    https://netblocks.org/reports/iraq-introduces-nightly-internet-curfew-JAp1DKBd

    Reply
  15. Tomi Engdahl says:

    CVE-2019-10617 – AtherosSvc Registry LPE

    Arbitrary registry write local privilege escalation in the AtherosSvc windows service. Can be seen frequently on laptops with Qualcomm wireless/bluetooth chipsets.

    https://silentbreaksecurity.com/cve-2019-10617/

    Reply
  16. Tomi Engdahl says:

    Geez, that’s a sensitive breach if ever I’ve seen one:
    https://mobile.twitter.com/troyhunt/status/1182229517722476544?s=19&fbclid=IwAR08IqadQvyUIu3H3qDQu5lwy-ZIpXgx3tly1_w-Izp0qyfXH8YD3xFw91E

    Data breach of the Dutch prostitute network http://Hookers.nl (yes really), resulting in a leak of IP, email addresses and encrypted passwords of 250.000 prostitutes and johns. Breach by leak in vBulletin

    Reply
  17. Tomi Engdahl says:

    Father of Unix Ken Thompson checkmated as his old password has finally been cracked
    Aussie user’s AMD GPU breaks hash in just four days
    https://www.theregister.co.uk/2019/10/09/ken_thompsons_old_unix_password_cracked/

    Reply
  18. Tomi Engdahl says:

    Californian RoboCop Had To Deal With Its First Crime, And It Did Not Go Well
    https://www.iflscience.com/technology/californian-robocop-had-to-deal-with-its-first-crime-and-it-did-not-go-well/

    earlier this year Huntington Park, California added a new police officer to its squad; a robot actually named RoboCop.

    When she pressed the robot’s emergency alert button, she was expecting it to call the cops for help. It did not. Instead, it told her to get out of the way.

    RoboCop carried on its pre-programmed patrol route, occasionally stopping to tell people to “keep the park clean”

    Well, it turns out that RoboCop is in no way connected to the actual police. The calls instead go to the robots’ creator, Knightscope, who leases the robots to the police department.

    Reply
  19. Tomi Engdahl says:

    Social Engineering And Sabotage: Why Deepfakes Pose An Unprecedented Threat To Businesses
    https://deeptracelabs.com/social-engineering-and-sabotage-why-deepfakes-pose-an-unprecedented-threat-to-businesses/

    There is growing concern about the threats that weaponised misinformation, such as fake news, pose to businesses and their brands. This concern is well founded, as reflected in a recent report by New Knowledge, showing 78% of consumers think misinformation damages brand reputation. Whilst this statistic shows businesses need to develop strategies to combat existing forms of misinformation, deepfakes pose an even greater threat moving forwards.

    Reply
  20. Tomi Engdahl says:

    Carbon Black Connect 2019: Cloud will revolutionise cyber security strategies
    https://www.itpro.co.uk/security/34580/carbon-black-connect-2019-cloud-will-revolutionise-cyber-security-strategies

    Cloud will revolutionise security
    Perhaps the most prevalent theme of the day, however, was the role of cloud in how organisations protect themselves from threats in future.

    “We fundamentally believe the cloud is going to revolutionise security over the coming years. Again, I’ll say this, it does not lessen our commitment to our on-premise products, we just recognise the power of being able to do a lot of analysis in the cloud,” said Morley.

    He added that cloud-based analytics would help identify and thwart potential hackers more effectively, reduce operational overheads for customers, and deliver “faster time to value”.

    “It’s going to revolutionise security. It allows us to innovate faster, because every time we build new services on that platform, we deliver those to you without actually having to deploy anything inside of your data centre,” said Morley

    Reply
  21. Tomi Engdahl says:

    In the last 10 months, 140 local governments, police stations and hospitals have been held hostage by ransomware attacks
    https://edition.cnn.com/2019/10/08/business/ransomware-attacks-trnd/index.html

    (CNN)The attack starts, innocently enough, with an email. But when someone clicks the link inside, hackers quickly take over.

    Computers at the school, hospital, or city government are locked, and the only way for employees to get back in is to pay the attacker hundreds of thousands of dollars worth of Bitcoin.
    Even then, there’s no guarantee they won’t do it again.

    Reply
  22. Tomi Engdahl says:

    China Will Make Citizens Scan Faces to Sign Up for Internet
    https://futurism.com/the-byte/china-scan-face-recognition-internet

    Starting in December, Quartz reports, tech companies in China will scan the face of anyone who signs up for internet service or a new cellphone number.

    The move is only a small part in China’s growing efforts to keep tabs on its residents’ online activity. The Chinese internet remains to be a tightly controlled walled garden that censors many international websites and messaging platforms, including Facebook and Twitter.

    While many other countries require government ID to sign up for SIM cards, it’s likely the first time a face scan is required.

    Reply
  23. Tomi Engdahl says:

    UK, USA and Australia giving tech advice to Facebook: “Don’t improve your users’ privacy and security by providing end-to-end encryption unless you want to simultaneously degrade their privacy and security by installing a back door into your app…”

    US, UK and Australia urge Facebook to create backdoor access to encrypted messages
    https://www.theguardian.com/technology/2019/oct/03/facebook-surveillance-us-uk-australia-backdoor-encryption

    Facebook says it opposes calls for backdoors that would ‘undermine the privacy and security of people everywhere’

    Reply
  24. Tomi Engdahl says:

    What the Public Knows About Cybersecurity
    https://www.pewinternet.org/2017/03/22/what-the-public-knows-about-cybersecurity/

    A majority of internet users can answer fewer than half the questions correctly on a difficult knowledge quiz about cybersecurity issues and concepts

    Reply
  25. Tomi Engdahl says:

    Danny O’Brien / Electronic Frontier Foundation:
    China is now projecting its Internet power abroad using state-sponsored DDoS attacks, malware, client-side filtering and surveillance, economic sanctions, more — Those outside the People’s Republic of China (PRC) are accustomed to thinking of the Internet censorship practices of the Chinese state …

    China’s Global Reach: Surveillance and Censorship Beyond the Great Firewall
    https://www.eff.org/deeplinks/2019/10/chinas-global-reach-surveillance-and-censorship-beyond-great-firewall

    Those outside the People’s Republic of China (PRC) are accustomed to thinking of the Internet censorship practices of the Chinese state as primarily domestic, enacted through the so-called “Great Firewall”—a system of surveillance and blocking technology that prevents Chinese citizens from viewing websites outside the country. The Chinese government’s justification for that firewall is based on the concept of “Internet sovereignty.” The PRC has long declared that “within Chinese territory, the internet is under the jurisdiction of Chinese sovereignty.”

    Hong Kong, as part of the “one country, two systems” agreement, has largely lived outside that firewall

    China is not above trying to extend its reach beyond the Great Firewall, and beyond its own borders. In attempting to silence protests that lie outside the Firewall, in full view of the rest of the world, China is showing its hand, and revealing the tools it can use to silence dissent or criticism worldwide.

    Some of those tools—such as pressure on private entities, including American corporations NBA and Blizzard—have caught U.S. headlines and outraged customers and employees of those companies. Others have been more technical, and less obvious to the Western observers.

    At home, China doesn’t need to use zero-days to install its own code on individuals’ personal devices. Chinese messaging and browser app makers are required to include government filtering on their client, too.

    Reply
  26. Tomi Engdahl says:

    A Race to the Bottom of Privacy Protection: The US-UK Deal Would Trample Cross Border Privacy Safeguards
    https://www.eff.org/deeplinks/2019/10/race-bottom-privacy-protection-us-uk-deal-would-trample-cross-border-privacy

    Reply
  27. Tomi Engdahl says:

    Martin Shelton / Freedom of the Press:
    G Suite’s lack of end-to-end encryption means US agencies could force Google to hand over unreleased reporting, even unpublished info about journalistic sources — If you work in a newsroom, there’s a good chance you work with colleagues on Google Docs, Slides, Sheets, and more.

    Newsrooms, let’s talk about G Suite
    https://freedom.press/training/blog/newsrooms-lets-talk-about-gsuite/

    Reply
  28. Tomi Engdahl says:

    UK, USA and Australia giving tech advice to Facebook: “Don’t improve your users’ privacy and security by providing end-to-end encryption unless you want to simultaneously degrade their privacy and security by installing a back door into your app…”

    US, UK and Australia urge Facebook to create backdoor access to encrypted messages
    https://www.theguardian.com/technology/2019/oct/03/facebook-surveillance-us-uk-australia-backdoor-encryption

    Facebook says it opposes calls for backdoors that would ‘undermine the privacy and security of people everywhere’

    Reply
  29. Tomi Engdahl says:

    … As a proof of concept, Elkins created code for the chip that allowed him to interface with the administrator settings on a Cisco ASA 5505 firewall.

    When the compromised board boots up, the chip triggers the firewall’s password recovery feature and creates a new administrator account. An attacker could use that account to monitor network activity and steal data.
    Elkins plans to reveal all the details of his project at the upcoming CS3sthlm security conference, but he’s not trying to prove Bloomberg’s report is accurate. Instead, he wants everyone to realize implanting spy hardware is trivially easy regardless of whether that report was true. It only cost him $200

    Security Researcher Adds Spy Chip to IT Equipment for Just $200
    https://www.extremetech.com/computing/300060-security-researcher-adds-spy-chip-to-it-equipment-for-just-200

    Reply
  30. Tomi Engdahl says:

    Planting Tiny Spy Chips in Hardware Can Cost as Little as $200
    A new proof-of-concept hardware implant shows how easy it may be to hide malicious chips inside IT equipment.
    https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap-proof-of-concept/

    Reply
  31. Tomi Engdahl says:

    Amid security concerns, the European Union puts 5G — and Huawei — under the microscope
    https://tcrn.ch/2Mxuvf4

    Reply
  32. Tomi Engdahl says:

    Teenagers arrested over hacks to Met Police website
    https://www.bbc.com/news/uk-scotland-50014090

    Two Scottish teenagers have been arrested over claims they hacked into the Metropolitan Police’s website and posted a series of bizarre messages.

    Reply
  33. Tomi Engdahl says:

    Her iPhone died. It led to her being charged as a criminal
    There’s an assumption that digitizing everything is a good thing. Are we sure about that?
    https://www.zdnet.com/article/her-iphone-died-it-led-to-her-being-charged-as-a-criminal/

    Apple Pay to tap her payment instead of buying a ticket the old-fashioned way.

    Which, as she cheerily described, is easy unless a ticket inspector wanders by. Just after your iPhone’s battery has died.

    She couldn’t prove that she’d paid

    she was charged with, well, not providing proof of payment.

    Kelly produced a bank statement that proved she’d paid. The transportation company — Transport For London — insisted this wasn’t enough.

    It seems she’d failed another digital task — registering her Apple Pay with Transport For London. She was edging ever closer to criminal status. But did her Apple Pay details need to be registered?

    So, here she was, contactless and receiptless. Next, she heard that her court case had happened and she’d been found guilty.

    Oh, and she also owed a fine of £476.50 — around $592.

    Oh, and being found guilty meant she was turned down for a US visa.

    Reply
  34. Tomi Engdahl says:

    Digital systems are designed by those who strive for complete perfection and consistency

    You have to follow all the rules of the system. This, sadly, requires you to do the work of discovering what they are.

    https://www.zdnet.com/article/her-iphone-died-it-led-to-her-being-charged-as-a-criminal/

    Reply
  35. Tomi Engdahl says:

    https://thehackernews.com/2019/10/apple-bonjour-ransomware.html?m=1

    The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple’s iTunes and iCloud software for Windows to evade antivirus detection.

    Reply
  36. Tomi Engdahl says:

    https://thehackernews.com/2019/10/malvertising-webkit-hacking.html?m=1

    The infamous eGobbler hacking group that surfaced online earlier this year with massive malvertising campaigns has now been caught running a new campaign exploiting two browser vulnerabilities to show intrusive pop-up ads and forcefully redirect users to malicious websites.

    the modus operandi of eGobbler attackers involves high budgets to display billions of ad impressions on high profile websites through legit ad networks.

    eGobbler uses browser (Chrome and Safari) exploits to achieve maximum click rate and successfully hijack as many users’ sessions as possible.

    eGobbler threat actors recently discovered and started exploiting a new vulnerability in WebKit

    redirect visitors to websites hosting fraudulent schemes or malware as soon as they press the “key down” or “page down” button on their keyboards while reading the content on the website.

    Reply
  37. Tomi Engdahl says:

    Almost 50% of Company Network Traffic Comes From Bots, Report Says
    https://www.bleepingcomputer.com/news/security/almost-50-percent-of-company-network-traffic-comes-from-bots-report-says/

    Network traffic in companies is generated by bots almost as much as by humans, shows a recent study. As bots become more sophisticated, they bypass the security challenges in place.

    The most prevalent are bots from the “headless browser” category, representing the second generation in bot evolution. Their share of the bad traffic is 46% and they can store cookies and run JavaScript code.

    Bots that try to mimic human interaction through simple mouse movement and keystrokes account for 23% of the unwanted traffic.
    automated threats target organizations in some industry verticals more than others and real estate, media and publishing, e-commerce, and classified advertising are among them.

    Reply
  38. Tomi Engdahl says:

    https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html?m=1

    The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access.

    Reply
  39. Tomi Engdahl says:

    https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14287.html

    When sudo is configured to allow a user to run commands as an arbitrary
    user via the ALL keyword in a Runas specification, it is possible
    to run commands as root by specifying the user ID -1 or 4294967295.

    Reply
  40. Tomi Engdahl says:

    “A Dutch design student invented a projector that superimposes an image of a different face over that of the wearer.”

    These clothes use outlandish designs to trick facial recognition software into thinking you’re not a human
    https://www.businessinsider.com/clothes-accessories-that-outsmart-facial-recognition-tech-2019-10?r=US&IR=T

    Reply
  41. Tomi Engdahl says:

    Reality Winner sentenced to more than 5 years for leaking info about Russia hacking attempts
    https://www.nbcnews.com/news/us-news/reality-winner-sentenced-more-5-years-leaking-info-about-russia-n903116

    The Georgia woman, who leaked a secret report on Russian hacking of the U.S. election, faced a maximum penalty of 10 years.

    It was the sentence that prosecutors had recommended — the longest ever for a federal crime involving leaks to the news media

    U.S. intelligence agencies later confirmed Russia had meddled in the election. Authorities have never confirmed what exactly the report said, or identified the news organization that received it.

    But a leaked document that was published by the online news outlet The Intercept in June 2017 bore the same May 5 date as the NSA report that Winner had leaked.

    Reply
  42. Tomi Engdahl says:

    Building China’s Comac C919 airplane involved a lot of hacking, report says

    https://www.zdnet.com/google-amp/article/building-chinas-comac-c919-airplane-involved-a-lot-of-hacking-report-says/?__twitter_impression=true

    One of China’s most brazen hacking sprees involved intelligence officers, hackers, security researchers, and company insiders.

    Reply
  43. Tomi Engdahl says:

    Why is this online banking security feature common in other countries, but not Canada?
    https://www.cbc.ca/news/canada/nova-scotia/two-factor-verification-online-banking-security-1.5306052

    Google offers 2-factor authentication to access your emails, so why don’t banks?

    Google offers it, some video games require it, but three of Canada’s big five banks don’t even want to talk about two-factor authentication (2FA), an extra layer of online security that some experts say banks should be required to provide to help protect consumers. 

    U.S. banks have been expected to use 2FA, also known as multi-factor authentication, since a directive was issued by the Federal Reserve Board 14 years ago, Streff said. 

    Relying on “single-factor authentication” — logging on to a system with one ID/password combination, for example — “is insufficient in this day of cyberwarfare,” he said. 

    Reply
  44. Tomi Engdahl says:

    Key duplication kiosks raise security concerns
    https://m.youtube.com/watch?v=0HRuYevKtug&feature=share

    KeyMe kiosks allow customers to make copies of electronic access cards and key fobs, but security experts say the technology could leave buildings and cars vulnerable. CBS News’ Steve Dorsey reports

    Reply
  45. Tomi Engdahl says:

    Malware That Spits Cash Out of ATMs Has Spread Across the World
    https://www.vice.com/en_us/article/7x5ddg/malware-that-spits-cash-out-of-atms-has-spread-across-the-world

    A joint investigation between Motherboard and the German broadcaster Bayerischer Rundfunk (BR) has uncovered new details about a spate of so-called “jackpotting” attacks.

    Reply
  46. Tomi Engdahl says:

    Google launches leaked-password checker, will bake it into Chrome in December
    https://www.computerworld.com/article/3444237/google-launches-leaked-password-checker-will-bake-it-into-chrome-in-december.html

    The company plans to add a hacked-password alert system into its browser by the end of year; Firefox aims to do much the same thing this month.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*