security

First ‘Jackpotting’ Attacks Hit U.S. ATMs

"ATM 'jackpotting' — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators. But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States."

Continue ReadingFirst ‘Jackpotting’ Attacks Hit U.S. ATMs

YouTube Is Serving Covert Cryptocurrency Mining Ads

"It’s like someone figured out how to monetize the awful Flash ads everyone used to hate for eating CPU cycles. A true win-win! And now it’s even hitting YouTube. TrendMicro has released an updated report, showing a sharp rise in ads served by Google’s DoubleClick service being infested with mining software. Like other attacks, this one uses a Javascript miner to mine Monero via Coinhive."

Continue ReadingYouTube Is Serving Covert Cryptocurrency Mining Ads

Secret Cabinet documents leaked after locked cabinets sold in Australia

"The Australian government on Wednesday launched an urgent investigation into the loss of thousands of classified documents that were sold with two second-hand filing cabinets and later obtained by a major news outlet. The cabinets were sold by a Canberra furniture shop at a discount price because they were locked and no one could find keys, the Australian Broadcasting Corp. reported."

Continue ReadingSecret Cabinet documents leaked after locked cabinets sold in Australia

Tech firms let Russia analyze software widely used by U.S. government

"In order to sell in the Russian market, the tech companies let a Russian defense agency scour the inner workings, or source code, of some of their products. Russian authorities say the reviews are necessary to detect flaws that could be exploited by hackers. But those same products protect some of the most sensitive areas of the U.S government, including the Pentagon, NASA, the State Department, the FBI and the intelligence community, against hacking by sophisticated cyber adversaries like Russia."

Continue ReadingTech firms let Russia analyze software widely used by U.S. government

Yes, Hawaii emergency management stuck a password on a sticky note

"The worsitude comes in the flimsiest but all too familiar of forms: a yellow sticky note, spotted in an Associated Press photo from July, at the agency’s headquarters at Diamond Head, bearing a password and stuck to a computer screen. While there’s a press photographer in the room, obviously. Richard Rapoza, a spokesman for HI-EMA, told Hawaii News Now that the password is authentic and was actually used for an 'internal application.'"

Continue ReadingYes, Hawaii emergency management stuck a password on a sticky note

Hawaii missile alert standdown delayed by forgotten log-in

"Governor David Ige was told two minutes after a text message was issued by the Emergency Management Agency (EMA) that the threat warning was a false alarm. But his office did not share the information via social media until about 17 minutes later. On Monday, Mr Ige acknowledged he had failed to recall his social media ID. The governor added that he now stored the details on his smartphone to avoid a repeat blunder."

Continue ReadingHawaii missile alert standdown delayed by forgotten log-in

Japanese Bitcoin Exchange Shuts Down After $723M Stolen

"On both English and Japanese social media, Coincheck promised users it would provide full details in due course, while in the meantime apologizing for the abrupt cut to services. Notably, Coincheck is not registered with Japan’s Financial Services Authority - a regulator responsible for overseeing exchanges in the country - unlike several other prominent cryptocurrency exchanges, such as bitFlyer and Quoine."

Continue ReadingJapanese Bitcoin Exchange Shuts Down After $723M Stolen

FBI Software For Analyzing Fingerprints Contains Russian-Made Code

"In a secret deal, a French company purchased code from a Kremlin-connected firm, incorporated it into its own software, and hid its existence from the FBI, according to documents and two whistleblowers. The allegations raise concerns that Russian hackers could compromise law enforcement computer systems."

Continue ReadingFBI Software For Analyzing Fingerprints Contains Russian-Made Code

Telegram plans multi-billion dollar ICO for chat cryptocurrency

"Encrypted messaging startup Telegram plans to launch its own blockchain platform and native cryptocurrency, powering payments on its chat app and beyond. With cryptocurrency powered payments inside Telegram, users could bypass remittance fees when sending funds across international borders, move sums of money privately thanks to the app’s encryption, deliver micropayments that would incur too high of credit card fees, and more."

Continue ReadingTelegram plans multi-billion dollar ICO for chat cryptocurrency

FBI director calls unbreakable encryption ‘urgent public safety issue’

"Tech companies and many cyber security experts have said that any measure ensuring that law enforcement authorities are able to access data from encrypted products would weaken cyber security for everyone. U.S. officials have said that default encryption settings on cellphones and other devices hinder their ability to collect evidence needed to pursue criminals."

Continue ReadingFBI director calls unbreakable encryption ‘urgent public safety issue’