Security

Last week, the Democratic National Committee had its servers compromised, and swaths of files - including opposition research on Donald Trump, and reports on key Republican presidential candidates - were released anonymously to several media outlets, including Gawker.

The DNC said an initial assessment concluded the attack came from Russian hackers. But days later, an ostensibly lone hacker known only as 'Guccifer 2.0' claimed responsibility for the attack, and in a statement rife with broken English and syntax errors, said he did it alone.

Successful cyberattacks by China hacker groups targeting corporate networks in the US and other regions have dramatically decreased since mid-2014, a new report finds. Even so, China continues to wage attacks in order to steal intellectual property despite political pressure by the US government -- and China's cyber espionage campaigns appear to be more streamlined.

Backdoors into encrypted communications may soon be mandatory in Russia.

A new bill in the Russian Duma, the country's lower legislative house, proposes to make cryptographic backdoors mandatory in all messaging apps in the country so the Federal Security Service—the successor to the KGB—can obtain special access to all communications within the country.

Acer has notified the customers of the Acer Store about a recent unathorized access of an unknown third party to credit card information, user names and passwords for some 34,500 users.

In a letter sent to customers, Acer said that it has identified a security issue involving the information of certain customers who used Acer's ecommerce site between May 12, 2015 and April 28, 2016.

Parisa Tabriz, manages Google’s Chrome security engineering teams, and gave a keynote at PyCon US this year.

Her talk was even-keeled, informative, and included strong FOSS messaging about everyone's vested interest in internet security and privacy. After the talk was done, I watched her take audience questions (long enough for me to take a short conference call) where she patiently and handily fielded all manner of queries from up and down the stack.

The FBI has had a fair amount of success de-anonymizing Tor users over the past few years. Despite the encryption software's well-earned reputation as one of the best tools for online privacy, recent court cases have shown that government malware has compromised Tor users by exploiting bugs in the underlying Firefox browser—one of which was controversially provided to the FBI in 2015 by academic researchers at Carnegie Mellon University.

Another day, another Adobe Flash security hole and another Adobe Flash patch. This time around, the killer security problem was in Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. In short, if you were running Flash, you were in trouble.

So what else is new?

We still don't know who he is or whether he works for the Russian government, but one thing is for sure: Guccifer 2.0—the nom de guerre of the person claiming he hacked the Democratic National Committee and published hundreds of pages that appeared to prove it—left behind fingerprints implicating a Russian-speaking person with a nostalgia for the country's lost Soviet era.

More than four fifths of recently tested enterprise networks have shown evidence of malicious DNS activity.

Those are the results of a new report by Infoblox, the network control company. It analysed 519 files capturing DNS traffic, from 235 customers in various verticals, during the first quarter of 2016. In 83 per cent of cases, ‘suspicious’ DNS activity was found.

"Hello World. It's time I share with you a little secret...I'm Gay and Proud!!

It's not a tweet you'd expect from a Twitter account belonging to an ISIS member. But the account was hijacked by a hacker who goes by the name WauchulaGhost.