Menu

Blog

Archive for the ‘security’ category: Page 48

Nov 3, 2022

Researchers discover security loophole allowing attackers to use Wi-Fi to see through walls

Posted by in categories: drones, internet, security

A research team based out of the University of Waterloo has developed a drone-powered device that can use Wi-Fi networks to see through walls.

The , nicknamed Wi-Peep, can fly near a building and then use the inhabitants’ Wi-Fi network to identify and locate all Wi-Fi-enabled devices inside in a matter of seconds.

The Wi-Peep exploits a loophole the researchers call polite Wi-Fi. Even if a network is password protected, will automatically respond to contact attempts from any device within range. The Wi-Peep sends several messages to a device as it flies and then measures the response time on each, enabling it to identify the device’s location to within a meter.

Nov 3, 2022

Malicious Android apps with 1M+ installs found on Google Play

Posted by in categories: mobile phones, security

A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing users sites that steal sensitive information or generate ‘pay-per-click’ revenue for the operators.

Some of these sites offer victims to download fake security tools or updates, to trick users into installing the malicious files manually.

At the time of publishing, the apps are still present on Google Play under a developer account called Mobile apps Group, and have a total install count of more than one million.

Oct 29, 2022

Light-analyzing ‘lab on a chip’ opens door to widespread use of portable spectrometers

Posted by in categories: biotech/medical, mobile phones, robotics/AI, security

Scientists including an Oregon State University materials researcher have developed a better tool to measure light, contributing to a field known as optical spectrometry in a way that could improve everything from smartphone cameras to environmental monitoring.

The study, published today in Science, was led by Finland’s Aalto University and resulted in a powerful, ultra-tiny that fits on a microchip and is operated using artificial intelligence.

The research involved a comparatively new class of super-thin materials known as two-dimensional semiconductors, and the upshot is a proof of concept for a spectrometer that could be readily incorporated into a variety of technologies—including quality inspection platforms, security sensors, biomedical analyzers and space telescopes.

Oct 29, 2022

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

Posted by in categories: cryptocurrencies, evolution, finance, internet, security

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud.

“These droppers continue the unstopping evolution of malicious apps sneaking to the official store,” Dutch mobile security firm ThreatFabric told The Hacker News in a statement.

“This evolution includes following newly introduced policies and masquerading as file managers and overcoming limitations by side-loading the malicious payload through the web browser.”

Oct 28, 2022

Elon Musk completes $44bn Twitter takeover — and immediately sacks top executives

Posted by in categories: biotech/medical, Elon Musk, security

I guess it’s time for Twitter execs to go home, and for me to start using Twitter again. They killed my chamber of commerce account, then when I opened a personal account, they kept asking for my phone number every time I logged in. If I give you my number once and you send me an sms, I’m not giving it to you again, as that’s not safe.


It ends months of bad blood between the two parties regarding the takeover, with Elon Musk complaining about fake accounts on the platform and claims by a whistleblower that Twitter misled regulators about security risks.

Oct 27, 2022

Lydie Evrard — Deputy Director General, IAEA — Head of the Department of Nuclear Safety and Security

Posted by in categories: economics, engineering, finance, nuclear energy, security, sustainability

Protecting People, Society & Environment — Lydie Evrard, Deputy Director General; Head, Department of Nuclear Safety & Security, International Atomic Energy Agency (IAEA)


Lydie Evrard (https://www.iaea.org/about/organizational-structure/departme…d-security) is Deputy Director General and Head of the Department of Nuclear Safety and Security at the International Atomic Energy Agency (IAEA).

Continue reading “Lydie Evrard — Deputy Director General, IAEA — Head of the Department of Nuclear Safety and Security” »

Oct 23, 2022

France’s Nuclear Reactors Malfunction as Energy Crisis Bites

Posted by in categories: nuclear energy, security

PARIS—France is falling behind in its plans to return the country’s fleet of nuclear reactors to full power this winter after a rash of outages, raising fears that one of Europe’s key sources of electricity won’t be ramped up to counter Russia’s squeeze on the continent’s energy supplies.

The nuclear fleet was designed to act as the front line of France’s energy security. Since Moscow cut the flow of natural gas to Europe—plunging the continent into its biggest energy crisis since the 1970s oil shock—France’s vaunted nuclear fleet has been about as effective as the Maginot Line, the French fortifications that did little to stop the German invasion during World War II.

Oct 20, 2022

Internet connectivity worldwide impacted

Posted by in categories: internet, security

A major internet subsea fiber cable in the South of France was severed yesterday at 20:30 UTC, causing connectivity problems in Europe, Asia, and the United States, including data packet losses and increased website response latency.

Cloud security company Zscaler reports that they made routing adjustments to mitigate the impact. However, users still face problems due to app and content providers routing traffic through the impacted paths.

“Zscaler is working with the content providers to have them influence their portion of the path,” reads a notice from Zscaler.

Oct 20, 2022

SBOMs: An Overhyped Concept That Won’t Secure Your Software Supply Chain

Posted by in categories: biotech/medical, computing, security

With Executive Order 14028, a large regulatory push toward mandating the production of a software bill of materials (SBOM) began. As this new buzzword spreads, you’d think it was a miracle cure for securing the software supply chain. Conceptually, it makes sense — knowing what is in a product is a reasonable expectation. However, it is important to understand what exactly an SBOM is and whether or not it can objectively be useful as a security tool.

SBOMs are meant to be something like a nutrition label on the back of a grocery store item listing all of the ingredients that went into making the product. While there currently is no official SBOM standard, a few guideline formats have emerged as top candidates. By far, the most popular is the Software Data Package Exchange (SPDX), sponsored by the Linux Foundation.

SPDX, as with most other formats, attempts to provide a common way to represent basic information about the ingredients that go into the production of software: names, versions, hashes, ecosystems, ancillary data like known flaws and license information, and relevant external assets. However, software is not as simple as a box of cereal, and there is no equivalent to the Food and Drug Administration enforcing compliance to any recommended guidelines.

Oct 20, 2022

Microsoft Customer Data Exposed by Misconfigured Server

Posted by in categories: business, security

Sensitive information for some Microsoft customers were exposed by a misconfigured server, Microsoft Security Response Center said on Wednesday. The misconfigured endpoint was accessible on the Internet and did not require authentication.

The exposed information included names, email addresses, email content, company name, phone numbers, and files “relating to business between a customer and Microsoft or an authorized Microsoft partner,” the company said. The endpoint has already been secured to require authentication, and affected customers have been notified.

“This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services,” Microsoft said, noting that there is no indication that customer accounts or systems had been compromised.

Page 48 of 147First4546474849505152Last