US cops warned not to gawp at iPhones due to Face ID lock-out

US rozzers are being warned to avoid looking at iPhones with Face ID in case they get locked out of the device, much like Craig Federighi at the iPhone X launch event. Apple’s mug-scanning Face ID tech, found on the iPhone X and iPhone XS, attempts to authenticate a face up to five times before the feature is disabled and the user’s potentially harder-to-obtain passcode is required to unlock the smartphone. Because of…

October 15, 2018
Read More >>

Stringent password rules lower risk of personal data breaches

Researchers at IU have discovered a simple way to foil criminals intent on breaking into university data. To investigate the impact of policy on password reuse, the study analyzed password policies from 22 different U.S. universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses…

October 15, 2018
Read More >>

Android Apps Pretend to Mine Unmineable CryptoCurrencies to Just Show Ads

Scammers are creating fake Android cryptocurrency mining apps and promoting them on the Google Store. The kicker is that these apps claim to mine cryptocurrency that can’t be mined in the first place. Fortinet discovered these apps on the Google Play Store when they saw that the apps were being promoted as miners for Ripple (XRP), Cardano (ADA), and Tether. As these are cryptocurrencies that are not possible to mine, the…

October 15, 2018
Read More >>

Ad Clicker Hiding as Google Photos App Found in Microsoft Store

A malicious app called “Album by Google Photos” was found in the Microsoft Store today that pretends to be from Google. This app pretends to be part of Google Photos, but is actually an ad clicker that repeatedly opens hidden advertisements in Windows 10. This free Album by Google Photos app claims to be created by Google LLC and has a description of “Finally, a photos app that’s as smart as you.”. …

October 15, 2018
Read More >>

Scanning an Exchange server for a virus that spreads via email? What could go wrong?

Just like clockwork, another weekend is over and Monday is here again. To lighten the load, El Reg is offering you the latest instalment of Who, Me?, our weekly sysadmin confessional column. This time we meet “Romeo”, who was working at a large music company in London at the time in question. It was his first job for a big multinational and the firm had just been hit by the I Love You…

October 15, 2018
Read More >>

In the new age of cyber warfare, finance firms are on the front line

The threat landscape is radically different in a connected, digital world. Critical infrastructures, from smart metres to payment systems, are no longer constrained by geography. Personal digital assets, such as identity and online behaviour data, are increasingly globalised. Threats to these aren’t nearly as easy to monitor or defend against – and governments’ ability to deal with them is being eroded. Industries and businesses are now finding themselves on the…

October 15, 2018
Read More >>

Malaysia Seeks GDPR-Style Data Protection Laws

Malaysia needs to be on par with global legislation on data protection such as GDPR, said Minister Gobind Singh Deo at a recent conference.Malaysia plans to update its data protection laws next year, possibly modelling it after the EU’s GDPR (General Data Protection Regulation) as the country seeks to prevent data breaches, according to local media. View full story ORIGINAL SOURCE: The Star The post Malaysia Seeks GDPR-Style Data Protection…

October 9, 2018
Read More >>

Number of Compromised Cryptojacking Routers in India Close to 30,000

The alarming rate of crypto-jacking attacks ravaging the internet has been a cause of worry as the trend keeps gaining momentum. Two months ago, over 170,000 computers were surreptitiously used in manufacturing malware scripts in Brazil, with another report indicating a similar trend in Moldova where 25,000 MikroTik routers were used in running CoinHive scripts. Trustwave researcher, Troy Mursch has attempted to draw a parallel between these two attacks but it is unknown whether they were actually…

October 9, 2018
Read More >>

Assassin’s Creed: Odyssey – DDoS Attacks Blight Launch

“Gaming companies put a lot of effort into planning for an attack and implementing anti-DDoS strategies”. Ubisoft, the £1.5 billion (by 2017-2018 sales) French gaming giant, saw the launch of one of its much-hyped premier titles disrupted by distributed denial of service (DDoS) attacks over the weekend, the company admitted. View full story ORIGINAL SOURCE: CBR The post Assassin’s Creed: Odyssey – DDoS Attacks Blight Launch appeared first on IT…

October 9, 2018
Read More >>

Windows 10 Ransomware Protection Bypassed Using DLL Injection

In Windows 10, Microsoft added a new ransomware protection feature called Controlled Folder Access that can be used to prevent modifications to files in protected folders by unknown programs. View full story ORIGINAL SOURCE: Bleeping Computer The post Windows 10 Ransomware Protection Bypassed Using DLL Injection appeared first on IT SECURITY GURU. Source: http://www.itsecurityguru.org

October 9, 2018
Read More >>