https://opensource.com/business/16/6/managing-passwords-security-linux?sc_cid=7016000000127ECAAY Managing password and security related issues in Linux is important, but there are some simple steps you can take to make your system more secure. We’ve seen that there can be a large number of attempts to log on to a publicly accessible system. So, what can we do? There are a few things →
https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/ A highly virulent new strain of self-replicating ransomware is shutting down computers all over the world. The malware, known as Wanna, Wannacry, or Wcry, has infected at least 57,000 computers, according to antivirus provider Avast. AV provider Kaspersky Lab said organizations in at least 74 countries have been affected. Wcry uses weapons-grade exploit published by the →
http://resources.infosecinstitute.com/seven-major-hacks-changed-view-cyber-security/ This is a good list of significant cyber security events. →
https://www.ssh.com/vulnerability/intel-amt/ This page by SSH collects information, fixes, and analyses of the Intel AMT Firmare remote code execution vulnerability of May 1, 2017 (CVE-2017-5689). Your servers are in danger now through Intel AMT technology! AMT enables remote management of the servers, including remote operating system installation. It is included in all modern Intel Xeon processors and →
https://www.theregister.co.uk/2017/05/03/hackers_fire_up_ss7_flaw/ O2-Telefonica in Germany has confirmed to Süddeutsche Zeitung that some of its customers have had their bank accounts drained using a two-stage attack that exploits SS7: Thieves exploited SS7 to intercept two-factor authentication codes sent to online banking customers. Is this beginning of end for use of SMS for two factor authentication? SS7 was known to be →
https://www.wired.com/2017/05/hundreds-apps-can-listen-beacons-cant-hear/?mbid=social_fb THERE ARE PLENTY of privacy-invading marketing ploys to worry about in life. Some examples are easy to notice, some are more subtle. In the most inconspicuous hustle of all, apps have increasingly incorporated ultrasonic tones to track consumers. →
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ This looks quite nasty security issue for very many PCs. It seems that Intel has confirmed it. You can read their advisory here. The short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME (Management Engine) →
https://www.marketplace.org/2017/04/20/tech/make-me-smart-kai-and-molly/blog-main-differences-between-internet-privacy-us-and-eu European privacy regulations are generally more consumer-focused than U.S. rules. “Who is the focus of these laws? Is it about protecting us, and giving us all the information we need and allowing us to make informed choices?” “Or is it about allowing Comcast to keep up with Google and Facebook when it comes to →
http://resources.infosecinstitute.com/cyber-risks-industrial-environments-continue-increase/ Industrial control systems (ICS) are a privileged target of different categories of threat actors. Researchers observed a significant increase of brute force attacks on supervisory control and data acquisition (SCADA) systems. In December, IBM warned of the availability of a penetration testing framework named smod that was used in many attacks in the wild. Organization in any industry can →
http://spectrum.ieee.org/computing/hardware/invasion-of-the-hardware-snatchers-cloned-electronics-pollute-the-market Unlike counterfeit electronics of the past, modern clones are very sophisticated. The counterfeiters make their own components, boards, and systems from scratch and then package them into superficially similar products. The clones may be less reliable than the genuine product, having never undergone rigorous testing. But they may also host unwanted or even malicious software, firmware, →