Image: SHUTTERSTOCK / MARKUSENES By Stan Schroeder2018-01-12 11:52:27 UTC Now that the patches across various platforms for the recently discovered Spectre and Meltdown vulnerabilities have largely been deployed, Google has detailed how it managed to address these threats on its cloud services such as Gmail and Search before the public even knew about them. Hint:Read More
The Belfer Center at the Harvard Kennedy School of Government has published a nonpartisan Cybersecurity Campaign Playbook, as part of its Defending Digital Democracy project (previously, “designed to give you simple, actionable information that will make your campaign’s information more secure from adversaries trying to attack your organization—and our democracy.”
Don’t miss theRead More
When Context Labs teamed up with UK consumer group Which? to produce an outstanding report on the surveillance, privacy and security risks of kids’ “connected toys,” it undertook the reverse-engineering of Hasbro’s new Furby Connect, a device that works with a mobile app to listen and watch the people around it and interact withRead More
That’s according to this month’s shareholder filings; the company estimates the total bill at $166 million more, plus class action damages.
Equifax’s nation-destroying data-breach was subsequently revealed to be just the latest in a series of unbelievably careless IT blunders, and it eventually cost the company CEO his job; now his replacement hasRead More
The Norwegian Consumer Council hired a security firm called Mnemonic to audit the security of four popular brands of kids’ smart watches and found a ghastly array of security defects: the watches allow remote parties to seize control over them in order to monitor children’s movements and see where they’ve gone, covertly listen inRead More
US CERT has privately circulated an advisory warning key stakeholders about the imminent publication of Key Reinstallation Attacks (KRACK), which exploit a heretofore unknown flaw in the WPA2 wifi security protocol, allowing attackers to break the encryption and eavesdrop upon — and possibly inject packets into — wireless sessions previously believed to be secure.