Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Senators Request Details on Trump's Smartphone Security (securityweek.com)

wiredmikey writes: Two US senators have requested details on President Donald Trump's smartphone security, saying he could jeopardize national secrets if he is still using his old handset, as some reports say.

"Did Trump receive a secured, encrypted smartphone for his personal use on or before Jan. 20? If so, is he using it?," said a tweet Tuesday by Senator Tom Carper, who along with fellow Democrat Claire McCaskill released a letter to the administration requesting information on the president's device. The lawmakers said they were concerned by reports that Trump was still using an Android device that may be several years old for his frequent personal Twitter messages.

The New York Times reported last month that while Trump had received a new, secure device after his inauguration, he still relied on his older device despite protests from aides.

Submission + - Study Finds Many Android VPNs Introduce Security Risks

wiredmikey writes: Researchers have analyzed hundreds of virtual private network (VPN) applications for Android and determined that many of them introduce serious privacy and security risks. A group of researchers analyzed 283 Google Play apps that request the BIND_VPN_SERVICE permission, which provides native support for VPN clients. After running a series of passive and active tests, researchers determined that while 67% of the analyzed apps claim to enhance privacy and security, three-quarters of them include third-party tracking libraries and 82% of them request access to sensitive information, such as text messages and user accounts. A small number of Android VPN apps have even been found to intercept TLS traffic and even inject JavaScript code for advertising and tracking purposes.

Submission + - Yahoo Sale to Verizon Delayed After Hack Disclosures (securityweek.com)

wiredmikey writes: Yahoo said Monday that the closing of a $4.8 billion deal to sell its core internet assets to US telecom titan Verizon has been delayed several months. A close originally set for this quarter has been pushed into next quarter, and has been thrown into doubt following disclosures of two huge data breaches.

Yahoo announced in September that hackers in 2014 stole personal data from more than 500 million of its user accounts. It admitted another cyberattack in December, this one dating from 2013, affecting over a billion users. The US Securities and Exchange Commission has opened an investigation into whether Yahoo should have informed investors sooner about the two major data breaches.

Submission + - Quimitchin: The First Mac Malware of 2017 Arrives

wiredmikey writes: Security researchers have a uncovered a Mac OS based espionage malware they have named "Quimitchin". The malware is what they consider to be "the first Mac malware of 2017" which appears to be a classic espionage tool. While it has some old code and appears to have existed undetected for some time, it works.

It was discovered when an IT admin noticed unusual traffic coming from a particular Mac, and has been seen infecting Macs at biomedical facilities.

Submission + - Most Common Passwords Used in 2016 (securityweek.com)

wiredmikey writes: Weak and commonly used passwords have long been one of the most used venues to compromise online accounts, yet people continue to utilize these incredibly weak password choices. What's scary, is that according to a new report compiled after the analysis of 10 million passwords leaked from data breaches, the top 25 most popular passwords are used to secure more than 50% of accounts. Sadly, this trend is not new, and continues to show how stupid people can be when it comes to passwords.

Specifically, the report (PDF) reveals that 123456, 123456789, qwerty, 12345678, and 111111 were the five most used passwords in 2016, as per analysis by security firm Keeper Security.

Submission + - Hamas 'Honey Trap' Dupes Israeli Soldiers (securityweek.com)

wiredmikey writes: The smartphones of dozens of Israeli soldiers were hacked by Hamas militants pretending to be attractive young women online, an Israeli military official said Wednesday. Using fake profiles on Facebook with alluring photos, Hamas members contacted the soldiers via groups on the social network, luring them into long chats, the official told journalists on condition of anonymity.

Dozens of the predominantly lower-ranked soldiers were convinced enough by the honey trap to download fake applications which enabled Hamas to take control of their phones, according to the official.

Comment Re:I admit it, I like Windows 10. (Score 1) 265

It's not improbable. It's just not true.

The start menu in Windows 10 comes up instantly. I have it on three computers, and just for good measure, I talked to three of my coworkers (one has a corporate install, the two installed it on their own; perks of working in IT).

Guess what?

The start menu in Windows 10 comes up instantly. Just like I said.

There is no need for you to lie.

Submission + - Destructive KillDisk Malware Turns Into Ransomware (securityweek.com)

wiredmikey writes: A recently discovered variant of the KillDisk malware encrypts files and holds them for ransom instead of deleting them. Since KillDisk has been used in attacks aimed at industrial control systems (ICS), experts are concerned that threat actors may be bringing ransomware into the industrial domain.

CyberX VP of research David Atch told SecurityWeek that the KillDisk variant they have analyzed is a well-written piece of ransomware, and victims are instructed to pay 222 bitcoins ($210,000) to recover their files, which experts believe suggests that the attackers are targeting “organizations with deep pockets.”

Submission + - U.S. Election Assistance Commission Hacked

wiredmikey writes: Researchers have discovered that a Russian-speaking hacker broke into the U.S. Election Assistance Commission (EAC) systems, and has been trying to sell stolen access credentials — including admin-level — on the underground.

On December 1, researchers with Recorded Future discovered internet chatter that appeared to relate to an EAC breach. A hacker, called "Rasputin" by Recorded Future, was discussing the sale of more than 100 EAC access credentials to a middle-eastern government broker. The hacker claimed to have accessed the systems via an SQLi vulnerability, which Recorded Future was able to locate and report.

EAC said Thursday that was aware of the 'potential intrusion' and was investigating the incident.

Comment How is that any different from what Google does? (Score 1) 123

If I visit Google, or Gmail, or Gmaps, YouTube, or anything else, with a non-Chrome browser, the top of the screen will ALWAYS have "do you want to install Chrome?" nagware. You can dismiss it in your session scope, but next time you come back, so does the message.

Why is that not a problem, and what Microsoft does is a problem?

Is it better on battery tests? Yeah, it is. Is it safer? It very well might be - but we don't know, since we're all running ad-blockers on non-Edge browsers, so our experiences are anecdotal at best.

Slashdot Top Deals

You will be successful in your work.

Working...