Labor’s plan to fix Australia’s encryption laws doesn’t go far enough

On Tuesday the Labor Party announced it would attempt to fix Australia’s controversial encryption laws. Yes, the laws that Labor itself voted for in December 2018, enabling the government to get them over the line. The text of the Telecommunications Amendment (Repairing Assistance and Access) Bill 2019 was then tabled on Wednesday. It’s worth looking at, as much for what it omits as what it includes. The two main features…

December 6, 2019
Read More >>

FBI recommends that you keep your IoT devices on a separate network

Image:Bence Boros The FBI says owners of IoT (Internet of Things) devices should isolate this equipment on a separate WiFi network, different from the one they’re using for their primary devices, such as laptops, desktops, or smartphones. “Your fridge and your laptop should not be on the same network,” the FBI’s Portland office said in a weekly tech advice column. “Keep your most private, sensitive data on a separate system…

December 6, 2019
Read More >>

BotConf 2019 Wrap-Up Day #2

The second day is over. Here is my daily wrap-up. Today was a national strike day in France and a lot of problems were expected with public transports. However, the organization provided buses to help attendees to travel between the city center and the venue. Great service as always 😉

[The post BotConf 2019 Wrap-Up Day #2 has been first published on /dev/random]

December 6, 2019
Read More >>

New vulnerability lets attackers sniff or hijack VPN connections

Image: kalhh Academics have disclosed this week a security flaw impacting Linux, Android, macOS, and other Unix-based operating systems that allows an attacker to sniff, hijack, and tamper with VPN-tunneled connections. The vulnerability — tracked as CVE-2019-14899 — resides in the networking stacks of multiple Unix-based operating systems, and more specifically, in how the operating systems reply to unexpected network packet probes. According to the research team, attackers can use…

December 6, 2019
Read More >>

Get yourself a USB condom

Sometimes simple is best. And security doesn’t come much easier than the “Original USB Condom.” The other day I highlighted a cheap data blocker that you can use to keep you safe if you make use of public USB power charging stations at airports, hotels. But that wasn’t the “Original USB Condom.” Must read: Top gadgets for the security and privacy conscious (or the super paranoid!) This is the “Original…

December 6, 2019
Read More >>

Alleged Russian Hacker Behind $100 Million Evil Corp Indicted

For the last decade, the hackers behind Evil Corp have led a sustained assault on the bank accounts of thousands of victims across dozens of countries. By steadily evolving malware known as Bugat, they indiscriminately siphoned tens of millions of dollars from unwitting victims. Thursday, the FBI indicted Evil Corp’s alleged leader: Maksim V. Yakubets, also known as “aqua.” The indictment, which you can read in full below, details in…

December 5, 2019
Read More >>

Facebook sues Chinese malware operator for abusing its ad platform

Facebook filed a lawsuit today against a Chinese company and two Chinese nationals for abusing the Facebook ad platform to run a malware scheme. The accused are ILikeAd Media International Company Ltd., a Hong Kong-based company founded in 2016, and Chen Xiao Cong and Huang Tao, the two men behind it. Facebook said today that ILikeAd used Facebook ads to lure victims into downloading and installing malware. Once installed, the…

December 5, 2019
Read More >>

fremingUS charges two members of the Dridex malware gang

Image: DOJ The US Department of Justice announced charges today against two Russian nationals behind the infamous Dridex malware. The indictment names Maksim Yakubets and Igor Turashev as two of the developers behind the Dridex banking trojan, and specifically names Yakubets as the group’s leader. In addition, the DOJ brought additional charges against Yakubets for also participating in the development and proliferation of the ZeuS banking trojan, a precursor of…

December 5, 2019
Read More >>

44 million Microsoft users reused passwords in the first three months of 2019

The Microsoft threat research team scanned all Microsoft user accounts and found that 44 million users were employing usernames and passwords that leaked online following security breaches at other online services. The scan took place between January and March 2019. Microsoft said it scanned user accounts using a database of over three billion leaked credentials, which it obtained from multiple sources, such as law enforcement and public databases. The scan…

December 5, 2019
Read More >>