Georgia Tech Cyberattack Exposes Data of 1.3 Million People

Posted on April 6th, 2019 by Responsible Cyber

Names, addresses, Social Security numbers, and birth dates may have been pilfered in the attack. Georgia Tech this week revealed that an attacker infiltrated a central database and stole personal information on up to 1.3 million current and former faculty, students, staff, and university applicants.  The unknown attacker or attackers broke in via a Georgia […]

Read More

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code

Posted on April 6th, 2019 by Responsible Cyber

In a world that’s growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce sites.Magecart, which is in the news a lot lately, is an umbrella term given to 12 different cyber criminal groups that are specialized in secretly implanting a special piece of code on compromised e-commerce sites with an […]

Read More

Ongoing DNS Hijack Attack Hits Consumer Modems and Routers

Posted on April 6th, 2019 by Responsible Cyber

The attack campaigns have re-routed DNS requests through illicit servers in Canada and Russia. An ongoing DNS hijacking campaign has taken aim at consumer modems and routers. Multiple waves of the campaign have changed settings in the residential devices, sending traffic through any of a series of addresses hosted on services known to be welcoming […]

Read More

Annual Protest Raises $250K to Cure Krebs — Krebs on Security

Posted on April 6th, 2019 by Responsible Cyber

For the second year in a row, denizens of a large German-language online forum have donated more than USD $250,000 to cancer research organizations in protest of a story KrebsOnSecurity published in 2018 that unmasked the creators of Coinhive, a now-defunct cryptocurrency mining service that was massively abused by cybercriminals. Krebs is translated as “cancer” […]

Read More

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

Posted on April 6th, 2019 by Responsible Cyber

If you have a “private” blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites.WordPress has recently patched a severe vulnerability in its iOS application that apparently leaked secret authorization tokens for […]

Read More

Adversarial Machine Learning against Tesla’s Autopilot

Posted on April 6th, 2019 by Responsible Cyber

Researchers have been able to fool Tesla’s autopilot in a variety of ways, including convincing it to drive into oncoming traffic. It requires the placement of stickers on the road. Abstract: Keen Security Lab has maintained the security research work on Tesla vehicle and shared our research results on Black Hat USA 2017 and 2018 […]

Read More

These two books explain how to fix our broken security industry

Posted on April 4th, 2019 by Responsible Cyber

The first step in fixing a problem is admitting you have one. The computer security industry has long been broken and needs some serious fixes. The world spends many billions of dollars fighting cybersecurity threats, more and more each year, and threats, risks and exploits are just getting worse. We have even accepted that computer […]

Read More

What your antivirus software doesn’t tell you, and how to get that data

Posted on March 30th, 2019 by Responsible Cyber

Since the beginning, antivirus software vendors have lied about their accuracy. Many claim 100 percent accuracy in detecting bad programs and we, despite nearly every computer being protected by an antivirus program, are still exploited by malware. Submit any malware program to Google’s VirusTotal and get it scanned by 67 to 70 antivirus programs. Never […]

Read More

Why Phone Numbers Stink As Identity Proof — Krebs on Security

Posted on March 24th, 2019 by Responsible Cyber

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on […]

Read More

Zipcar Disruption – Schneier on Security

Posted on March 24th, 2019 by Responsible Cyber

Zipcar DisruptionThis isn’t a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: “an outage experienced by a third party telecommunications vendor disrupted connections between the company’s vehicles and its reservation software.” That didn’t just mean people couldn’t get cars they reserved. Sometimes is meant they couldn’t get the […]

Read More