The government has another public balancing act on its hands with the disclosure this week of exploits against commercial security products that were purportedly cooked up by the NSA.
These attack tools revealed by a group called Shadow Brokers date from sometime before June 2013 and some of them were still effective this week, which means the NSA never told the vendors about them.
A little over nine million keys used to redeem and activate games on the Steam platform were stolen by a hacker who breached a gaming news site last month.
Biometric authentication systems have been around for ages, but it wasn’t until Apple released Touch ID alongside the iPhone 5s that it entered the mainstream. Building off that, a number of banks across the globe have started to update their mobile apps with with fingerprint and facial recognition systems in place of the tried and true password.
The Clinton Foundation says it has not been breached by the suspected Russian hackers that are believed to have infiltrated major Democratic Party organizations in a campaign Hillary Clinton supporters describe as an attempt thwart the candidate's presidential bid.
"We have no evidence Clinton Foundation systems were breached and have not been notified by law enforcement of an issue,” a Clinton Foundation official told POLITICO.
A fascinating article in Motherboard sheds light on the dangers surrounding our connected devices—particularly intimate ones, like sex toys. Reporting from a panel at DEF CON, the writer highlights the work of two New Zealand hackers who are studying the ethical risks of the "Internet of dildos."
In the wake of an unprecedented breach of hacking tools and exploits apparently stolen from the National Security Agency’s elite hacking unit, experts are offering two competing theories on how it happened — and both are equally disturbing.
Some former agency employees believe the alleged group behind the leak, “Shadow Brokers,” may have hacked an NSA server that had a top secret hacker toolkit left there by mistake.
Customers of certain Cisco and Fortinet security gear need to patch exploits made public this week after a purported hack of NSA malware.
Both companies have issued fixes to address exploits that were posted online and after they found the exploits represent real threats to some of their products, including versions of Cisco’s popular PIX and ASA firewalls and versions of Fortinet’s signature Fortigate firewalls.
The Vaultek is a connected safe that’s being crowdfunded on Indiegogo. It can be unlocked through either a Bluetooth-reliant phone app, a fingerprint scanner, a keyboard with a numeric passcode, or a regular manual key. Users have options. None of these methods are new ideas, so it’s easy to imagine that Vaultek’s creators can create a tangible product if they reach their funding goal. Here’s the thing, though, I don’t know who Vaultek’s creators are and what they’ve produced before.
L33tdawg: On an unrelated note, if you're in Singapore next week and interested in IoT honeypots, you might want to attend this #HITBGSEC CommSec talk.
A Delaware-headquartered brick-and-mortar jewelry store recently lost access to its online resources after subduing a major, multi-staged DDoS attack — the sort of hack that brings down your server by burdening it with huge amounts of simultaneous requests.
Security researchers are warning that all Windows users need to disable a feature on their operating system that could allow hackers to hijack their online accounts and steal sensitive information.
The Web Proxy Auto-Discovery Protocol (WPAD), developed by Microsoft in 1999, is turned on by default and is designed for computers to automatically discover which web proxy they should be using for a specific URL.
