Security

A critical bug, which has existed for at least 10 years in the Steam client, could have allowed attackers to remotely execute malicious code in “all 15 million active clients.” Put another way by Motherboard, 125 million Steam gamers were vulnerable to attacks in which attackers could have remotely controlled their machines.

While Valve did patch the massive vulnerability, Tom Court, a security researcher at Context Information Security, released the details about the remote code execution (RCE) bug that affected all versions of the Steam gaming client.

Fitness app PumpUp allegedly left a server that contained personal information like credit card numbers, private messages and health data unsecured.

The app lets you send photos to the PumpUp social network, to allow other users to cheer you on or suggest workout tips. It also tracks your fitness progress.

Cybercrime against women in this part of the world is becoming a growing problem. With easy access to the internet, more and more people are going online to connect with the world. But the sad reality remains, the growing number of internet users are facing cyberbullying and being the victim of cybercrime. And a majority of the cybercrimes reported today are somehow connected to social media. Facebook, the largest social media on earth, has been receiving backlash from the community for not taking enough preventive steps to ensure the safety of its users for quite a while now.

As far as blackmail goes, it was a relatively small request.

The hacker who claims to have gained access to a host of data from Ticketfly, prompting the Eventbrite-owned ticketing company to pull its site offline sometime late last night, told Mashable that he was only after a single bitcoin.

Robert Herjavec, founder of IT security firm Herjavec Group and a star on the angel investment reality show “Shark Tank,” says security workers will become increasingly specialized as technologies tied to sub-fields such as identity and access management become more complex.

L33tdawg: You might also be interested in this smart cities / smart nation panel discussion from HITB GSEC last year.

While many people presume burgeoning smart cities to be secure and safe for use by citizens, a new study by security professional association ISACA reveals the potential for substantial threats.

I tend to dive down rabbit holes a lot, and given the cost of context switching and memory deteriorating over time, sometimes the state I build up in my mind gets lost between the chances I get to dive in. These 'linkdump' posts are an attempt to collate at least some of that state in a way that I can hopefully restore to my brain at a later point.

Southeast Asian telcom giant Singapore Telecommunications Limited left approximately 1,000 customer routers wide open to a potential attack via an unprotected port. The flub occurred after the region’s largest ISP conducted remote maintenance on affected routers and failed to secure equipment when the work was complete, according to NewSky Security.

The creators of the Taylor cryptocurrency trading app claim that an unidentified hacker has stolen around $1.35 million worth of Ether from the company's wallets.

The hack allegedly took place on Tuesday, last week, on May 22. The Taylor team says the hacker somehow "got access to one of our devices and took control of one of our 1Password files."

With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features.

Below is a summary of all the new security features and options in Windows 10 version 1803, which I call the privacy edition. Bookmark this article, because we will be adding new security features as Microsoft releases future Windows updates.