Security News
Israel-based startup L1ght aims to curb the spread of bad behavior online. Many internet users spread hate speech and exhibit abusive behavior to harm other users.
US lawmakers proposed legislation Thursday that could see internet companies held legally responsible for content on their platforms if they don't do enough to police child pornography. Senators from both parties, backed by the Department of Justice, said that existing laws immunizing internet hosts like social media companies from liability for user-posted content have allowed child pornography to proliferate.
This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that market realities will produce insecure IoT devices, and political failures will leave that industry unregulated.
Zyxel's network storage boxes, business VPN gateways, firewalls, and, er, security scanners can be remotely hijacked by any miscreant, due to a devastating security hole in the firmware. If a miscreant can't directly connect to a vulnerable Zyxel device, "There are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable device," noted Carnegie Mellon's CERT Coordination Center in its advisory on the matter.
Zyxel's network storage boxes, business VPN gateways, firewalls, and, er, security scanners can be remotely hijacked by any miscreant, due to a devastating security hole in the firmware. If a miscreant can't directly connect to a vulnerable Zyxel device, "There are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable device," noted Carnegie Mellon's CERT Coordination Center in its advisory on the matter.
There's a Kickstarter for an actual candle, with real fire, that you can control over the Internet. What could possibly go wrong?...
Abstract: In the 2018 midterm elections, West Virginia became the first state in the U.S. to allow select voters to cast their ballot on a mobile phone via a proprietary app called "Voatz." Although there is no public formal description of Voatz's security model, the company claims that election security and integrity are maintained through the use of a permissioned blockchain, biometrics, a mixnet, and hardware-backed key storage modules on the user's device. We performed a clean-room reimplementation of Voatz's server and present an analysis of the election process as visible from the app itself.
A software vendor specializing in record-keeping tools for plastic surgery clinics poorly secured a storage bucket hosted by Amazon Web Services containing hundreds of thousands of sensitive patient photos and records. Infosec outfit ClearSky claims it has evidence of Iranian hackers, likely state backed, breaking into "Dozens of companies around the world in the past three years" by exploiting "Known vulnerabilities in systems with unpatched VPN and RDP services." The miscreants target businesses that provide IT services to others, allowing the intruders to menace thousands of customers, we're told.
Global Cloud Xchange, the leading provider of global managed next-generation networks, announced the extension of its relationship with global automotive supplier Autoneum through a new three-year managed network agreement. With the renewed contract, GCX will proceed to transform Autoneum's business-critical Wide Area Network to embrace next-generation network technologies like SD-WAN. "Proceeding on our digitalization journey, we need to extend our flexibility in shifting workloads between Clouds or on-premises. Global real-time collaboration among employees and external partners using innovative new technologies is key."
Why not make Safer Internet Day the excuse you need to do all those cybersecurity tweaks you've been putting off. Such as picking proper passwords, turning on two-factor authentication, downloading the latest security updates, making backups of your most important files, and revisiting your privacy settings in case you're oversharing by mistake?