Trump Signs Bill Banning Kaspersky Products
U.S. President Donald Trump on Tuesday signed a bill that prohibits the use of Kaspersky Lab products and services in federal agencies. The National Defense Authorization Act for FY2018 (H.R. 2810) focuses on Department of Defense and Department of Energy programs, authorizes recruitment and retention bonuses for the Armed Forces, and makes changes to national…
Old Crypto Vulnerability Hits Major Tech Firms
A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world’s top websites. Last month, F5 Networks informed customers that some of its BIG-IP products include a vulnerability that can be exploited by a remote attacker for recovering encrypted data…
Dormant Keylogger Functionality Found in HP Laptops
A researcher has discovered that a touchpad driver present on hundreds of HP laptops includes functionality that can be abused for logging keystrokes. The vendor has released patches for a vast majority of affected devices. Michael Myng was looking for ways to control the keyboard backlight functionality on HP laptops when he noticed that the…
Database of 1.4 Billion Credentials Found on Dark Web
Researchers have found a database of 1.4 billion clear text credentials in what appears to be the single largest aggregate database yet found on the dark web. These are not from a new breach, but a compilation of 252 previous breaches, including the previous largest combo list, Exploit.in. The database was found by 4iQ on 5…
Internet of Things (IoT) security: what is and what should never be
The Internet has penetrated seemingly all technological advances today, resulting in Internet for ALL THE THINGS. What was once confined to a desktop and a phone jack is now networked and connected in multiple devices, from home heating and cooling systems like the Nest to AI companions such as Alexa. The devices can pass information…
How cybersecurity solutions can help with GDPR compliance
Technical (protection) measures, means, technologies, rules and resources are mentioned multiple times throughout the GDPR text. The Regulation does not, however, specify any security technology implementation as obligatory (a few methods are suggested as optional solutions for the specific usage). Choice and evaluation of adequacy is the sole responsibility of the data controller and processor.
Privacy Fears Over Artificial Intelligence as Crimestopper
Police in the US state of Delaware are poised to deploy “smart” cameras in cruisers to help authorities detect a vehicle carrying a fugitive, missing child or straying senior. The video feeds will be analyzed using artificial intelligence to identify vehicles by license plate or other features and “give an extra set of eyes” to…
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for…
8 Older Companies Doing New Things in Security
The security space is growing with startups building game-changing technologies in identity management, training, privacy, and other niche areas to drive the future of security. This year is a big one for new companies trying to make a name for themselves in the industry. From a security investment standpoint, the first two quarters of 2017…
Analysis of 3,200 Phishing Kits Sheds Light on Attacker Tools and Techniques
Phishing kits are used extensively by cybercriminals to increase the efficiency of stealing user credentials. The basic kit comprises an accurate clone of the target medium’s login-in page (Gmail, Facebook, Office 365, targeted banks, etc), and a pre-written php script to steal the credentials — both bundled and distributed as a zip file. Successfully phished…