Award-winning security news, opinion, advice and research from Sophos.
Firefox to pile on more native privacy features https://wp.me/p120rT-1T5U
Anyone else remember The Lawnmower Man? It got us thinking, what's the most realistic movie depiction of how our robot overlords will eventually take over?
And although 'administrator' was by far the most popular username with attackers, they weren't above a bit of localisation.
They didn't all do that though. We called this one "the hedgehog".
One of the interesting little details from the RDP research was how some attackers ramp up their attacks over time. Some sysadmins (very sensibly) set rate limits on login attempts and we think this shows attackers trying to "walk up" to those limits. https://twitter.com/NakedSecurity/status/1151475917677617155
Shapeshifting Morpheus chip aims to baffle hackers https://wp.me/p120rT-1T5P
FaceApp privacy panic sets internet alight https://wp.me/p120rT-1T5S
One of the interesting little details from the RDP research was how some attackers ramp up their attacks over time. Some sysadmins (very sensibly) set rate limits on login attempts and we think this shows attackers trying to "walk up" to those limits. https://twitter.com/NakedSecurity/status/1151475917677617155
Did we miss anything off the list? https://twitter.com/NakedSecurity/status/1151884664640086017
You can find the paper, Tracking sex: The implications of widespread sexual dataleakage and tracking on porn websites, here: https://arxiv.org/pdf/1907.06520.pdf
A new study reminds us that porn sites use 3rd party trackers too. TL;DR, you're probably sharing more than you intend to, with more companies than you realise, and incognito mode isn't helping much.
Hackers, meet a Bluetooth-connected device that heats up to 455 °F (235 °C). https://nakedsecurity.sophos.com/2019/07/18/hacked-bluetooth-hair-straighteners-are-too-hot-to-handle/
XSS is the most common web vulnerability and XSS Auditor just isn't cutting it. https://nakedsecurity.sophos.com/2019/07/18/google-chrome-is-ditching-its-xss-detection-tool/
First, Elon Musk announces he wants to laser-drill holes in your head and attach you to your phone. Then we learn that somebody thought unauthenticated Bluetooth would improve their 455 °F hair straighteners. So we wondered: what's the worst thing you can attach to the internet?
Prepare to be shamed. https://nakedsecurity.sophos.com/2019/07/18/still-not-using-https-firefox-is-about-to-shame-you/
Series 2 launch episode – RDP exposed [PODCAST] https://wp.me/p120rT-1T4S
Having completely solved the problem of securing the Internet of Things by 2019, humans felt ready to move to the next step... https://twitter.com/nypost/status/1151366343993823232
Hacked Bluetooth hair straighteners are too hot to handle https://wp.me/p120rT-1T4A
Google Chrome is ditching its XSS detection tool https://wp.me/p120rT-1T4D
Still not using HTTPS? Firefox is about to shame you https://wp.me/p120rT-1T4F
Senator Chuck Schumer has called upon the FBI and the Federal Trade Commission (FTC) to investigate the resurgent #FaceApp. https://twitter.com/SenSchumer/status/1151645791796248576
The @BBCNews reports that @instagram is now hiding 'likes' in Canada, Australia, New Zealand, Ireland, Italy, Japan and Brazil in the hope it will make people feel less judged. https://www.bbc.co.uk/news/world-49026935 https://twitter.com/NakedSecurity/status/1149602505736593409
Meanwhile, in the UK, a House of Commons Science and Technology Committee report says automatic facial recognition "should not be deployed until concerns over the technology’s effectiveness and potential bias have been fully resolved" https://publications.parliament.uk/pa/cm201719/cmselect/cmsctech/1970/1970.pdf
The city of Oakland has become the third US city to ban the use of facial recognition. https://www.sfchronicle.com/bayarea/article/Oakland-bans-use-of-facial-recognition-14101253.php https://twitter.com/NakedSecurity/status/1148911586607808513
The @NakedSecurity podcast is back (finally) in our brand new studio. @AnnaBrading talks to @infosecBoddy, @Bencrypting and @MarkStockley about their latest research into RDP attacks. Listen now and tell us what you think! https://soundcloud.com/sophossecurity/series-2-launch-rdp-exposed?in=sophossecurity/sets/naked-security-podcast
New scam ad reporting button is launched on Facebook UK, following celeb imposter scams. https://nakedsecurity.sophos.com/2019/07/17/facebook-launches-anti-scam-initiative/
Germany's warned its schools not to use cloud services from Microsoft, Google and Apple because of privacy concerns. https://nakedsecurity.sophos.com/2019/07/17/germany-bans-schools-from-using-tech-giants-clouds/
Researchers have found a way to hide data in music, without human ears detecting it. https://nakedsecurity.sophos.com/2019/07/17/researchers-hide-data-in-music-and-human-ears-cant-detect-it/
In 20 minutes @annabrading, @MarkStockley and @infosecBoddy will be on Facebook Live talking about their latest research into RDP.
RT @infosecBoddy: Me @MarkStockley and @Bencrypting have spent a month monitoring RDP login attempts to 10 honeypots across the world. We'…
In a world of BlueKeep, it’s easy to forget you’ve already got an RDP problem.
In a world of BlueKeep, it’s easy to forget you’ve already got an RDP problem.
RDP exposed: the wolves already at your door https://wp.me/p120rT-1SXk
Microsoft, Google and Apple clouds banned in Germany’s schools https://wp.me/p120rT-1T3G
Facebook rolls out anti-scam reporting tool in UK https://wp.me/p120rT-1T3E
Researchers hide data in music – and human ears can’t detect it https://wp.me/p120rT-1T3C
Researchers have found a way to beat the MAC address randomisation feature used by Bluetooth to protect users from being tracked. https://nakedsecurity.sophos.com/2019/07/16/bluetooth-les-anti-tracking-technology-beaten/
Will Facebook's $5b fine from the FTC cause other tech companies to sit up and take notice? #privacy https://nakedsecurity.sophos.com/2019/07/16/5b-privacy-fine-against-facebook-seen-as-chump-change/
Monroe College is battling a ransomware strike - attackers have demanded $1.8m. https://nakedsecurity.sophos.com/2019/07/16/ransomware-attackers-demand-1-8m-from-us-college/
These banks and telcos could create a blockchain to turn your phone into a mobile ID system. https://nakedsecurity.sophos.com/2019/07/16/asian-consortium-plans-blockchain-based-mobile-id-system/
GandCrab ransomware revisited – is it back under a (R)evil new guise? https://wp.me/p120rT-1T36
Bluetooth LE’s anti-tracking technology beaten https://wp.me/p120rT-1T1e
$5b privacy fine against Facebook seen as ‘chump change’ https://wp.me/p120rT-1T0w
Ransomware attackers demand $1.8m from US college https://wp.me/p120rT-1T06
Asian consortium plans blockchain-based mobile ID system https://wp.me/p120rT-1T1R
Alan Turing chosen for the UK's new £50 note - a cracking result! #Turing50 #ThinkScience https://wp.me/p120rT-1T1p
It's quite elaborate, but it would make for a cool movie scene. https://nakedsecurity.sophos.com/2019/07/15/researchers-read-data-from-air-gapped-machine-using-leds/
It was an embarrassing twist to the week-long saga of Zoom’s vulnerable web-conferencing app. https://nakedsecurity.sophos.com/2019/07/15/apple-quietly-removes-zooms-hidden-web-server-from-macs/
Instagram bug could have allowed anyone to take over your account https://wp.me/p120rT-1T0K
Ransomware attacks are underreported and on the rise. US mayors want to call time on payouts. https://nakedsecurity.sophos.com/2019/07/15/ransomware-attackers-us-mayors-say-you-should-go-jump-in-a-lake/
 
 
 
 
 
© 2009 creamsocial