Skip to main content

Industry News

Dutch privacy regulator says Windows 10 breaks the law

posted onOctober 15, 2017
by l33tdawg

The lack of clear information about what Microsoft does with the data that Windows 10 collects prevents consumers from giving their informed consent, says the Dutch Data Protection Authority (DPA). As such, the regulator says that the operating system is breaking the law.

Guess who else Spectre is haunting? Yes, it's AMD. Four class-action CPU flaw lawsuits filed

posted onFebruary 21, 2018
by l33tdawg

It's not just Intel facing a legal firestorm over its handling of the Spectre and Meltdown CPU design flaws – AMD is also staring at a growing stack of class-action complaints related to the chip vulnerabilities.

At least four separate lawsuits have now been filed against the California-based processor slinger, alleging violations ranging from securities fraud to breach of warranty, unfair competition, and negligence. The cases, all submitted to a US district court in San Jose, include:

Australian government still pushing decryption magic bullet

posted onFebruary 21, 2018
by l33tdawg

Minister for Home Affairs Peter Dutton has reignited the Coalition's push to access encrypted communications, touting decryption as fundamental in fighting terrorism, ahead of the Australia-ASEAN Special Summit next month.

Addressing the National Press Club on Wednesday, Dutton labelled "ubiquitous encryption" a "significant obstacle" to terrorism investigations.

"I am confident that the government has given our agencies the best tools to do the job, but as terrorists -- and other criminals -- evolve their tactics, so must we," he said.

SEC urges clearer disclosures about cybersecurity risks

posted onFebruary 21, 2018
by l33tdawg

The US Securities and Exchange Commission on Wednesday issued new guidance on how and when public companies should disclose cybersecurity risks and breaches.

The "interpretive guidance" document (PDF) urges informing investors of risks in a timely fashion, including vulnerabilities that have not yet been targeted by hackers. The guidance also says executives should refrain from trading in the company's stock while in possession of nonpublic information about significant cybersecurity attacks.

WhatsApp Co-Founder Puts $50M Into Signal To Supercharge Encrypted Messaging

posted onFebruary 21, 2018
by l33tdawg

In the four or so years since it launched, end-to-end encrypted messaging app Signal has become the security community's gold standard for surveillance-resistant communications. Its creators have built an encryption protocol that companies from WhatsApp to Facebook Messenger to Skype have all added to their own products to offer truly private conversations to billions of people. And it's done so as a non-profit with, at any given moment, a tiny staff that includes just two or three full-time coders. Now imagine what it might accomplish with actual Silicon Valley money behind it.

Coinbase, Worldpay, Visa play blame game after dosh vanishes from crypto-fans' pockets

posted onFebruary 21, 2018
by l33tdawg

Customers of cryptocurrency exchange Coinbase are still virtually in the dark regarding mysterious withdrawals made from their bank accounts that, in some cases, have apparently left some unlucky punters broke and facing overdraft fees.

Last week, netizens watched money drain out of bank accounts connected to Coinbase profiles thanks to phantom transactions. On Thursday, Coinbase, a San Francisco upstart, apologized, and claimed it was not at fault, adding that "the erroneous credit and debit charges are the result of Visa reversing and recharging transactions."

North Korean Threat Widens to Target Multinationals

posted onFebruary 21, 2018
by l33tdawg

The North Korean–linked hacking group known as Reaper is expanding its operations in both scope and sophistication, and it has now graduated to the level of an advanced persistent threat.

According to FireEye, the threat actor has carried out long-term targeting of North Korea’s interests in South Korea since 2013, but it’s now focusing on multinational campaigns using advanced capabilities. For instance, the group recently exploited a zero-day vulnerability in Abode Flash Player, CVE-2018-4878, which represents a concerning level of technical sophistication.