In the midst of a news cycle filled with stories of the chaotic global pandemicand mass civil unrest raging around us right now, I personally find solace in stories about the constants we can rely on: Stories of brands continuing to show their ass on social media. Stories about budged art restorations continuing to be borked. And, of course, stories of scammers continuing to find new ways to scam. Continue reading Credit Card Skimmers Can Hide in an Icon’s Metadata
Cryptomining hacks aren’t new by any stretch, but a string of recent incidents is raising eyebrows. ZDNet reports that culprits infected multiple European supercomputers with Monero mining malware in the past week, including the University of Edinburgh’s ARCHER, five of bwHPC’scomputer clusters and most recently a cluster at Munich’s Ludwig-Maximilians University. That’s unusual by itself, but there appears to be a common thread between the hacks. Continue reading Supercomputers across Europe have fallen to cryptomining hacks
Marriott might soon face a stiff penalty for the massive November 2018 data breach. The UK’s Information Commissioner’s Office plans to fine the hotel chain £99,200,396 (about $123.7 million) for allegedly violating the EU’s General Data Protection Regulation through the incident. Marriott didn’t conduct “sufficient due diligence” when it bought Starwood, according to the regulator, and “should also have done more” to improve security.
Security experts aren’t done poking holes in LTE’s armor — not by a long shot. South Korean researchers have found 36 vulnerabilities in LTE that enable a range of attacks, some more sinister than others. They include temporary inconveniences like disconnecting someone from the cell network through to eavesdropping and controlling the data itself. The team found the abundance of exploits by using a custom “fuzzing” (feeding large chunks of random data to look for irregularities) tool.
Prisons across the United States are reportedly building biometric databases that include voice recordings of incarcerated people, according to The Intercept. The report cites contracting documents for the state of New York’s prison system, as well as statements from officials in Texas, Florida, Arkansas and Arizona confirming that prisons are actively using voice recognition technology that can extract and digitize voices to create unique and identifiable biometric signatures known as voice prints.
The TSA has been using CT scanners to screen airline passengers’ luggage since last year — early tests of the technology have been taking place in Phoenix’s Sky Harbor International Airport and Boston’s Logan International Airport. But now, the agency has shared its plans for CT technology going forward, including expansions into additional airports. American Airlines announced earlier this month that a CT scanner was being set up in New York’s JFK airport and the TSA says Baltimore-Washington International Airport, Chicago O’Hare International Airport, Los Angeles International Airport and Washington-Dulles International Airport are among those that will have CT scanners in the near future.
WiFi security is finally getting an upgrade after 14 years. The Wi-Fi Alliance has officially launched WPA3, the next-generation standard that promises to tackle many of the vulnerabilities that have persisted in wireless networking. Most notably, it brings individualized data encryption that should protect your data against eavesdropping from within the WiFi network. You’ll also get tougher password-based sign-ins through Simultaneous Authentication of Equals, a key establishment protocol that reduces the chances of someone guessing your password — even if it’s lousy.