Security

The Cybersecurity and Infrastructure Security Agency (CISA) has published a security advisory today warning of a wave of attacks carried out by hacking groups affiliated with China's Ministry of State Security (MSS).

CISA says that over the past year, Chinese hackers have scanned US government networks for the presence of popular networking devices and then used exploits for recently disclosed vulnerabilities to gain a foothold on sensitive networks.

The United States is home to some of the world’s biggest and most influential technology companies, and yet, when it comes to voting technology, the nation often relies on remarkably low-tech solutions. Electronic voting machines have frequently been the target of computer science researchers, who would tear the machines apart and point out their many security flaws.

A new Bluetooth security flaw has been discovered that would potentially allow an attacker to connect to a user device without authentication.

The Bluetooth Special Interest Group (SIG), the body responsible for Bluetooth standards, has confirmed vulnerabilities separately discovered by two teams of security researchers…

A newly discovered malware gang is using a clever trick to create malicious Excel files that have low detection rates and a higher chance of evading security systems.

Discovered by security researchers from NVISO Labs, this malware gang — which they named Epic Manchego — has been active since June, targeting companies all over the world with phishing emails that carry a malicious Excel document.

Amazon Ring fixed a security vulnerability in its Ring doorbell last year that could have potentially allowed hackers access to homeowners’ networks through Wi-Fi passwords. In December 2019, Ring faced more security issues when a family from Tennessee claimed that a man hacked into their Amazon Ring security camera. The hacker reportedly used it to talk to an 8-year-old girl in her bedroom. Turns out the whole thing may not have been hacking, but just poor password use by the owner.

Israeli chip manufacturer Tower Semiconductor (TSEM.TA) said on Sunday some of its systems were hit by a cyber attack and as a result it was putting on hold some servers and manufacturing operations.

“Tower has notified relevant authorities, and is working closely with law enforcement organizations and with a leading team of worldwide experts, coordinated with its insurance providers, in order to recover the impacted systems as soon as possible,” the company said in a statement.

More than a dozen internet service providers (ISPs) across Europe have reported DDoS attacks that targeted their DNS infrastructure.

The list of ISPs that suffered attacks over the past week includes Belgium's EDP, France's Bouygues Télécom, FDN, K-net, SFR, and the Netherlands' Caiway, Delta, FreedomNet, Online.nl, Signet, and Tweak.nl. Attacks lasted no longer than a day and were all eventually mitigated, but ISP services were down while the DDoS was active.

A well-resourced hacking operation has deployed newly-developed trojan malware in a campaign targeting financial tech organisations with the aim of stealing email addresses, passwords and other sensitive corporate information – and the malicious code is bundled inside code ripped from legitimate applications.

A high school junior was arrested this morning for allegedly launching a cyber attack on the web-based systems used by their Florida school district for online learning.

If anyone was going to be enthusiastic about online voting, it would be Ben Adida. After starting multiple dot-com startups in the late 1990s and early 2000s, Adida earned a computer science PhD from MIT in 2006. Studying under legendary cryptographer Ron Rivest (the "R" in RSA) at MIT, Adida explored how to use advanced cryptography to hold provably secure elections.