Security News

In a letter to the U.S. House of Representatives, several Internet organizations are urging for an amendment to the surveillance bill known as the USA FREEDOM Reauthorization Act to prohibit warrantless collection of search and browsing history. Signed by Mozilla Corporation, Engine, Reddit, Reform Government Surveillance, Twitter, i2Coalition, and Patreon, the letter asserts that the Internet browsing and search history provide a detailed picture of a person's life, and that legislation should ensure that this information is well protected.

While encryption can come in many forms, it always comes with the same goal: protecting data confidentiality. End-to-end encryption achieves that goal by setting up an encrypted channel where only the client applications themselves have access to the decryption keys.

The U.S. Department of Justice announced on Monday that the FBI managed to gain access to the data stored on two iPhones belonging to an individual who last year killed and wounded several people at a United States naval base. U.S. Attorney General William Barr and FBI Director Christopher Wray announced on Monday that the FBI managed to access the data stored on the two locked iPhones.

With US unemployment threatening to reach its highest level since the Great Depression, hackers around the globe are using stolen personal information to file fraudulent benefits claims and steal millions of dollars destined for jobless Americans. The Secret Service confirmed to The Register it has received reports of criminal gangs outside the States obtaining personal records and login credentials harvested from other hacked or leaky databases, and using that info to make unemployment claims on behalf of Americans, then pocketing the payouts via money mules.

With US unemployment threatening to reach its highest level since the Great Depression, hackers around the globe are using stolen personal information to file fraudulent benefits claims and steal millions of dollars destined for jobless Americans. The Secret Service confirmed to The Register it has received reports of criminal gangs outside the States obtaining personal records and login credentials harvested from other hacked or leaky databases, and using that info to make unemployment claims on behalf of Americans, then pocketing the payouts via money mules.

A new study looking into data breaches in 2019 found that on average, a US citizen had their personal information leaked to the public at least four times. Interest.com pulled together multiple sources of publicly available data from 2019 on all of the data breaches announced by a variety of companies including social media sites like Facebook, which had three of the largest breaches last year.

US officials moved Friday to cut off Chinese tech giant Huawei from global chipmakers, ramping up sanctions on the company seen by Washington as a national security risk. Officials said Huawei had been circumventing sanctions by obtaining chips and components that are produced around the world based on US technology.

Beijing accused the United States on Thursday of smearing China after Washington alleged Chinese hackers were attempting to steal research on developing a vaccine against the coronavirus. US authorities said Wednesday that Chinese hackers were trying to obtain coronavirus data on treatments and vaccines, warning the effort involved Chinese government-affiliated groups and others.

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool "Used by advanced persistent threat cyber actors in the targeting of cryptocurrency exchanges and related entities."

A list posted by US-CERT this week rattles off the 10 most oft-targeted security vulnerabilities during the past three years, and finds that, shock horror, for the most part, keeping up with patching will keep you safe. Microsoft ranks highly in the list because its software is widely used, and provides the most potential targets for hackers, though on the other hand, fixes have been available for these bugs for a long while: it doesn't have to be this way, people.