Critical Tor flaw leaks users’ real IP address—update now
Mac and Linux versions of the Tor anonymity browser just received a temporary fix for a critical vulnerability that leaks users' IP addresses when they visit certain types of addresses.
A researcher has uncovered security holes in Google’s bug-tracking database that could have potentially resulted in malicious hackers accessing sensitive information, including details of ways to exploit unpatched vulnerabilities in Google products.
Researcher Alex Birsan has described how he managed to trick Google Issue Tracker (known internally to Google staff as Buganizer) into granting him access to much more information than would normally be allowed to external parties.
Computer algorithms have gotten much better at recognizing patterns, like specific animals or people's faces, allowing software to automatically categorize large image collections. But we've come to rely on some things that computers can't do well. Algorithms can't match their image recognition to semantic meaning, so today you can ensure a human's present by asking them to pick out images of street signs.
The Mirai botnet, a collection of hijacked gadgets whose cyberattack made much of the internet inaccessible in parts of the US and beyond a year ago, previewed a dreary future of zombie connected-device armies run amuck. But in some ways, Mirai was relatively simple—especially compared to a new botnet that's brewing.
The Australian Cyber Security Centre noted in its just-issued 2017 Threat Report that a small Australian defense company "with contracting links to national security projects" had been the victim of a cyber-espionage attack detected last November. "ACSC analysis confirmed that the adversary had sustained access to the network for an extended period of time and had stolen a significant amount of data," the ACSC report stated. "The adversary remained active on the network at the time."
On Friday, President Trump announced that he will not certify Iran’s cooperation with the 2015 nuclear agreement negotiated by the Obama Administration. The move doesn't eliminate or rework the deal, possibilities its proponents feared given Trump's longstanding criticism of the agreement. But it does kick the accord to Congress for reconsideration. There, lawmakers could leave the agreement the same, impose tweaks, or go all the way to reinstating sanctions against Iran, effectively ending the deal.
Google researchers have discovered at least three software bugs in a widely used software package that may allow hackers to execute malicious code on vulnerable devices running Linux, FreeBSD, OpenBSD, NetBSD, and macOS, as well as proprietary firmware.
When Yahoo disclosed in December that a billion (yes, billion) of its users' accounts had been compromised in an August 2013 breach, it came as a staggering revelation. Now, 10 months later, the company would like to make a correction: That incident actually exposed three billion accounts—every Yahoo account that existed at the time.
A federal judge ruled Saturday that the FBI does not have to disclose the name of the vendor and how much it was paid by the government for a hacking tool that unlocked the iPhone of a terrorist behind the San Bernardino, California, attacks that left 14 people dead.
The massive Equifax credit bureau hack was finally winding down this week, offering space for reflection on all the ways the company utterly botched its response to the incident. The respite also gives US consumers the opportunity to finally figure out what the heck they’re going to do to protect themselves.