Security News

It's actually an investment company that wants to make online gaming more fair for players by funding early-stage gaming startups that incorporate blockchain technology in the nascent blockchain gaming industry. The idea, said Craig Russo, the company's director of innovation, is to broaden the appeal and growth of online gaming by giving players tools that allow them to keep those purchases or migrate them for use in other games without having to buy them again.

You know your attack surface don't you? You mapped all of it? Are you sure? How can you map the entire attack surface and prioritise the most important vulnerabilities, when statistics show you are only aware of 70 per cent of it at best, and tools like port scanners pump out lists of IP addresses without any business context or prioritisation?

Personal information of police officers in departments nationwide is being leaked online amid tense interactions at demonstrations across the U.S. over the police custody death of George Floyd and others, according to an unclassified intelligence document from the U.S. Department of Homeland Security, obtained by The Associated Press. Multiple high-ranking police officials in a number of cities, including Washington, Atlanta, Boston and New York have had their personal information shared on social media, including their home addresses, email addresses and phone numbers, the report warns.

Abstract: Democracy Live's OmniBallot platform is a web-based system for blank ballot delivery, ballot marking, and online voting. Three states - Delaware, West Virginia, and New Jersey - recently announced that they will allow certain voters to cast votes online using OmniBallot despite the well established risks of Internet voting, the system has never been the subject of a public, independent security review.

An online voting system approved in three US states is vulnerable to manipulation by hackers and may not protect ballot secrecy, according to an analysis by security researchers. The report comes with election officials scrambling following the outbreak of the coronavirus pandemic to enable remote voting in the November election to limit risks from crowded polling stations.

Half of organizations globally have not established cybersecurity guidelines regarding remote work according to the survey and US remote employees use work devices to access adult entertainment sites more than any other country. In addition to nearly half of respondents sharing their work device with someone else in their home, 36% accessed work applications through a personal laptop or device.

On Saturday, at 10:48 UTC, Sectigo's AddTrust legacy root certificate expired, causing a bit of weekend havoc for thousands of websites and services that rely on it for making a secure TLS/SSL connection. "Generally speaking, this is affecting older, non-browser clients which talk to TLS servers which serve a Sectigo certificate chain ending in the expired certificate," wrote Andrew Ayer, founder of SSLMate, in a blog post.

92% of Americans say they care about online safety and data privacy, yet a new report from iProov showed 44% polled shared passwords and mobile devices with their partners. "You wouldn't have the same key to your house, your car, and every building you ever need to go into. But it's also not possible to remember different passwords for every single site you use. So, Americans are recycling and sharing passwords because they want a convenient way to access their accounts. Biometric authentication is the modern replacement for keys."

A data dump containing account information of over 26 million LiveJournal users has been offered for sale on dark web marketplaces and is now being shared for free on underground hacker forums. The data dump, supposedly originating from a 2014 LiveJournal breach, contains email addresses, usernames, profile URLs and plain text passwords of 33+ million users.

Users visiting eBay have spotted that the website runs port scans against their computer, using the localhost address to inspect what may be running on your machine. Fraud is a big issue for eBay, and if the purpose of scanning for remote-control access ports is an attempt to detect criminals logged into a user's computer in order to impersonate them on the tat bazaar, it could have some value.