Flaws in Popular RDP Clients Allow Malicious Servers to Reverse Hack PCs

Posted on February 15th, 2019 by Responsible Cyber

You’ve always been warned not to share remote access to your computer with any untrusted people for many reasons—it’s basic cyber security advice, and common sense, right?But what if I say, you should not even trust anyone who invites or offers you full remote access to their computers?Security researchers at cybersecurity firm Check Point have […]

Read More

Bomb Threat Hoaxer Exposed by Hacked Gaming Site — Krebs on Security

Posted on February 14th, 2019 by Responsible Cyber

Federal authorities this week arrested a North Carolina man who allegedly ran with a group of online hooligans that attacked Web sites (including this one), took requests on Twitter to call in bomb threats to thousands of schools, and tried to frame various online gaming sites as the culprits. In an ironic twist, the accused […]

Read More

Microsoft, Adobe Both Close More Than 70 Security Issues

Posted on February 13th, 2019 by Responsible Cyber

With their regularly scheduled Patch Tuesday updates, both companies issued fixes for scores of vulnerabilities in their widely used software. Software makers Microsoft and Adobe both released large updates for their regularly scheduled Patch Tuesday releases today, with each company closing more than 70 security holes in their products. Among the issues patched by Microsoft […]

Read More

More Alleged SIM Swappers Face Justice — Krebs on Security

Posted on February 13th, 2019 by Responsible Cyber

Prosecutors in Northern California have charged two men with using unauthorized SIM swaps to steal and extort money from victims. One of the individuals charged allegedly used a hacker nickname belonging to a key figure in the underground who’s built a solid reputation hijacking mobile phone numbers for profit. According to indictments unsealed this week, Tucson, […]

Read More

China’s AI Strategy and its Security Implications

Posted on February 13th, 2019 by Responsible Cyber

Gregory C. Allen at the Center for a New American Security has a new report with some interesting analysis and insights into China’s AI strategy, commercial, government, and military. There are numerous security — and national security — implications. Tags: artificial intelligence, China, national security policy, reports Go to Source Author: Bruce Schneier

Read More

Google’s New Tool Alerts When You Use Compromised Credentials On Any Site

Posted on February 6th, 2019 by Responsible Cyber

With so many data breaches happening almost every week, it has become difficult for users to know if their credentials are already in possession of hackers or being circulated freely across the Internet.Thankfully, Google has a solution.Today, February 5, on Safer Internet Day, Google launches a new service that has been designed to alert users […]

Read More

Flaws in Popular RDP Clients Allow Malicious Servers to Reverse Hack PCs

Posted on February 6th, 2019 by Responsible Cyber

You’ve always been warned not to share remote access to your computer with any untrusted people for many reasons—it’s basic cyber security advice, and common sense, right?But what if I say, you should not even trust anyone who invites or offers you full remote access to their computers?Security researchers at cybersecurity firm Check Point have […]

Read More

Public-Interest Tech at the RSA Conference

Posted on February 2nd, 2019 by Responsible Cyber

Our work in cybersecurity is inexorably intertwined with public policy and­ — more generally­ — the public interest. It’s obvious in the debates on encryption and vulnerability disclosure, but it’s also part of the policy discussions about the Internet of Things, cryptocurrencies, artificial intelligence, social media platforms, and pretty much everything else related to IT. […]

Read More

Ursnif Trojan is back with fileless persistence

Posted on January 30th, 2019 by Responsible Cyber

Researchers warn about a new wave of attacks with an information-stealing Trojan called Ursnif that uses PowerShell and fileless execution mechanisms, making it harder to detect. Some of the attacks also deploy the GandCrab ransomware. Ursnif, also known as Dreambot, has been around for some time and initially focused on stealing emails and online banking […]

Read More

Microsoft Exchange Vuln Enables Attackers to Gain Domain Admin Privileges

Posted on January 30th, 2019 by Responsible Cyber

Anyone with access to an Exchange mailbox can take control of domain, security researcher says. Microsoft Exchange 2013 and newer versions are vulnerable to a privilege escalation attack that gives anyone with a mailbox a way to gain domain administrator rights at potentially 90% of organizations running Active Directory and Exchange, according to a security […]

Read More