sn   1718

« earlier    

Court: Violating a site’s terms of service isn’t criminal hacking | Ars Technica
But rather than addressing that constitutional issue, Judge John Bates ruled on Friday that the plaintiffs' proposed research wouldn't violate the CFAA's criminal provisions at all. Someone violates the CFAA when they bypass an access restriction like a password. But someone who logs into a website with a valid password doesn't become a hacker simply by doing something prohibited by a website's terms of service, the judge concluded.

"Criminalizing terms-of-service violations risks turning each website into its own criminal jurisdiction and each webmaster into his own legislature," Bates wrote.
twig  765  sn 
2 hours ago by leolaporte
Revealed: Saudis suspected of phone spying campaign in US | World news | The Guardian
The data shows requests for mobile phone location data that were routed through the decades-old SS7 global messaging system, which allows mobile operators to connect users around the world. For example, a mobile user from the US travelling in Germany and seeking to make a call back to the US is connected through the SS7 network.

The SS7 system also enables tracking of phones, which has been a cause for concern by security experts. When a US carrier – such as Verizon, T-Mobile or AT&T – receives what is known as a Provide Subscriber Information SS7 message (or PSI) from a foreign mobile phone operator, they are getting, in effect, a tracking request.
sn  twig  765 
yesterday by leolaporte
Microsoft says hackers are attacking Windows users with a new unpatched bug | TechCrunch
Microsoft says attackers are exploiting a previously undisclosed security vulnerability found in all supported versions of Windows, including Windows 10.

But the software giant said there is currently no patch for the vulnerability.

The security flaw, which Microsoft deems “critical” — its highest severity rating — is found in how Windows handles and renders fonts, according to the advisory posted Monday. The bug can be exploited by tricking a victim into opening a malicious document. Once the document is opened — or viewed in Windows Preview — an attacker can remotely run malware, such as ransomware, on a vulnerable device.
sn  ww  764 
7 days ago by leolaporte
Windows, Ubuntu, macOS, VirtualBox fall at Pwn2Own hacking contest | ZDNet
During the competition's two-day schedule, six teams managed to hack apps and operating systems like Windows, macOS, Ubuntu, Safari, Adobe Reader, and Oracle VirtualBox. All bugs exploited during the contest were immediately reported to their respective companies.
twig  ttg  sn  763 
10 days ago by leolaporte
A Critical Internet Safeguard Is Running Out of Time | WIRED
For more than 15 years, Shadowserver has been funded by Cisco as an independent organization. But thanks to budget restructuring, the group now has to go out on its own. Rather than seek a new benefactor, founder Richard Perlotto says the goal is for Shadowserver to become a fully community-funded alliance that doesn't rely on any one contributor to survive. The group needs to raise $400,000 in the next few weeks to survive the transition, and then it will still need $1.7 million more to make it through 2020—an already Herculean fundraising effort coinciding with a global pandemic. They’ve set up a page for both large corporate donations and smaller individual contributions.
twig  sn  763 
14 days ago by leolaporte
German military laptop with classified data sold on Ebay | News | DW | 16.03.2020
Security specialists from G Data, based in the western city of Bochum, bought a used Bundeswehr laptop for €90 ($100).

On the computer were a series of documents, including instructions on how to destroy the LeFlaSys Ozelot air defence system.
twig  sn  763 
14 days ago by leolaporte
Microsoft Is Adding DNS-Over-HTTPS (DoH) to Windows 10
Microsoft announced that it's working on adding support for the privacy-focused DNS over HTTPS (DoH) protocol in a future Windows 10 release, while also keeping the addition of DNS over TLS (DoT) on the table.
sn  ww  762 
19 days ago by leolaporte
Secret-sharing app Whisper left users’ locations, fetishes exposed on the Web - The Washington Post
Whisper, the secret-sharing app that called itself the “safest place on the Internet,” left years of users’ most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed.
twig  sn  762 
20 days ago by leolaporte
More good news: Medical equipment is still prone to hacker attacks | VentureBeat
A new report from Unit 42 says 72% of health care networks mix internet of things (IoT) and information technology assets, allowing malware to spread from users’ computers to vulnerable IoT devices on the same network. The report also offers a lot of data on non-medical IoT attacks.
sn  twig  762 
20 days ago by leolaporte
Why your privacy could be threatened by a bill to protect children - CNET
The proposed law has already been met with widespread criticism from security experts, civil liberties advocates and opposing lawmakers. They see the bill as a veiled attempt to erode end-to-end encryption and as a way to target Section 230, an important part of the Communications Decency Act of 1996 that protects free speech by granting tech companies immunity from any liabilities associated with content on their platforms.
twig  sn  762 
20 days ago by leolaporte
Intel CPUs vulnerable to new LVI attacks | ZDNet
While the attack has been deemed only a theoretical threat, Intel has released firmware patches to mitigate attacks against current CPUs, and fixes will be deployed at the hardware (silicon design) level in future generations.
twig  762  sn 
20 days ago by leolaporte
New AMD Side Channel Attacks Discovered, Impacts Zen Architecture (AMD Responds) | Tom's Hardware
AMD responded for our request for more information and says there are no new mitigations required, as this issue is covered by the existing side channel attack mitigations.

The researchers do not agree, stating that this vulnerability is still active. Until the two sides agree it isn't possible to ascertain which viewpoint is more accurate. We'll update as necessary and keep an eye out for a CVE.
sn  ww  762 
22 days ago by leolaporte
A major new Intel processor flaw could defeat encryption and DRM protections - The Verge
Security researchers are warning of a major new security flaw inside Intel processors, and it could defeat hardware-based encryption and DRM protections. The flaw exists at the hardware level of modern Intel processors released in the last five years, and could allow attackers to create special malware (like keyloggers) that runs at the hardware level and is undetectable by traditional antivirus systems. Intel’s latest 10th Gen processors are not vulnerable, though.
sn  ww  761 
22 days ago by leolaporte
U.S. charges Chinese spies with massive Equifax hack - POLITICO
The Justice Department charged two Chinese hackers with the Anthem breach, and U.S. officials have privately blamed China for the devastating OPM intrusion. Intelligence officials have also linked Beijing to other major cyberattacks, including the Marriott hack that exposed the personal data of roughly 500 million people.
twig  sn  ttg  758 
7 weeks ago by leolaporte
Windows 7 bug prevents users from shutting down or rebooting computers | ZDNet
Windows 7 users have been reporting that they are receiving a popup message that reads "You don't have permission to shut down this computer" every time they attempt to shut down or reboot their systems.
ww  sn  758 
7 weeks ago by leolaporte
Federal Agencies Use Cellphone Location Data for Immigration Enforcement - WSJ
U.S. Immigration and Customs Enforcement, a division of DHS, has used the data to help identify immigrants who were later arrested, these people said. U.S. Customs and Border Protection, another agency under DHS, uses the information to look for cellphone activity in unusual places, such as remote stretches of desert that straddle the Mexican border, the people said.
twig  sn  ttg  758 
7 weeks ago by leolaporte
Wacom drawing tablets track the name of every application that you open | Robert Heaton
What requires more explanation is why Wacom think it’s acceptable to record every time I open a new application, including the time, a string that presumably uniquely identifies m
twig  sn  ttg  757 
7 weeks ago by leolaporte
Researcher: Backdoor mechanism still active in devices using HiSilicon chips | ZDNet
"Apparently, all these years HiSilicon was unwilling or incapable to provide adequate security fixes for [the] same backdoor which, by the way, was implemented intentionally," Yarmak said.
sn  twig  757 
7 weeks ago by leolaporte
Your Philips Hue light bulbs can still be hacked — but there’s a patch for the worst - The Verge
That’s the word from cybersecurity research firm Check Point Software, and the good news is you should already be safe from the worst part of the hack. If the Philips Hue Hub that controls your bulbs is connected to the internet, it should have automatically updated itself to version 1935144040 by now, which contains the patch you want. (Check Point informed Philips in November, and a patch was issued mid-January.) I just checked my own hub’s firmware version in the Philips Hue app, and I’m good.
twig  sn  ttg  757 
7 weeks ago by leolaporte

« earlier    

related tags

00000  2019ye  3p  3pw  710  712  713  714  715  718  719  723  724  725  726  728  729  732  738  739  740  741  746  747  748  749  752  753  754  755  756  757  758  761  762  763  764  765  aaa  bas  changelog  coronavirus  fake  ios  kasta  kms  lasc  malm  mbw  nachtzug  stockholm  tk  ttg  tvrepublika  twgi  twig  ww 

Copy this bookmark: