How to automate Let’s Encrypt certificate authority in AWS using PowerShell

Posted on May 31st, 2019 by Responsible Cyber

If you have been in IT for the last few years, no doubt you will have heard of Let’s Encrypt, an open certificate authority. Its goal is simple: Ensure the internet is no longer transmitted in plaintext. To that end it issues digital certificates for free. The service is completely automated in the right circumstances, […]

Read More

E-Retail Hacks More Lucrative Than Ever — Krebs on Security

Posted on May 23rd, 2019 by Responsible Cyber

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning […]

Read More

The 6 biggest ransomware attacks of the last 5 years

Posted on April 5th, 2019 by Responsible Cyber

Malware that holds data for ransom has been around for years. In 1991, a biologist spread PC Cyborg, the first ever ransomware, by sending floppy disks via surface mail to other AIDS researchers, for instance. In the mid ’00s Archiveus was the first ransomware to use encryption, though it’s long ago been defeated and you […]

Read More

Facebook password crisis – what to do? [VIDEO]

Posted on March 23rd, 2019 by Responsible Cyber

by Paul Ducklin Facebook has just admitted to years of problems with password hygiene by leaking plaintext passwords into logfiles by mistake. Watch this special edition of Naked Security Live… …we answer the questions lots of people have been asking us since we first wrote about this issue: What happened? Was this a blunder or […]

Read More

Landmark laws: data brokers and the future of US privacy regulation

Posted on March 14th, 2019 by Responsible Cyber

Data brokers have been operating in the dark for years. If you’re interested in digital privacy, the fact that your information is regularly traded by hundreds of secretive companies will come as no surprise. What’s less clear is who these organisations are, what information they store, and who exactly they’re working with. Thanks to a […]

Read More

GPS Spoof Hits Geneva Motor Show

Posted on March 14th, 2019 by Responsible Cyber

Incident leaves GPS units showing a location in England and a date 17 years in the future. At least seven manufacturers at the annual Geneva Motor Show, which began last week in Switzerland, have been hit by an attack that left their cars thinking they were somewhere far, far away. According to Jalopnik, which covers […]

Read More

More Than 22,000 Vulns Were Disclosed in 2018, 27% Without Fixes

Posted on March 1st, 2019 by Responsible Cyber

As in previous years, input validation vulnerabilities accounted for a substantial proportion of total, Risk Based Security report shows. The number of security vulnerabilities present in web applications and other software shows little signs of coming down anytime soon. A new report from Risk Based Security (RBS) shows that a total of 22,022 security vulnerabilities […]

Read More

Can Everybody Read the US Terrorist Watch List?

Posted on March 1st, 2019 by Responsible Cyber

After years of claiming that the Terrorist Screening Database is kept secret within the government, we have now learned that the DHS shares it “with more than 1,400 private entities, including hospitals and universities….” Critics say that the watchlist is wildly overbroad and mismanaged, and that large numbers of people wrongly included on the list […]

Read More

Friday Squid Blogging: A Tracking Device for Squid

Posted on March 1st, 2019 by Responsible Cyber

Really: After years of “making do” with the available technology for his squid studies, Mooney created a versatile tag that allows him to research squid behavior. With the help of Kakani Katija, an engineer adapting the tag for jellyfish at California’s Monterey Bay Aquarium Research Institute (MBARI), Mooney’s team is creating a replicable system flexible […]

Read More

Hacker Lauri Love denied bid to get computers back

Posted on February 22nd, 2019 by Responsible Cyber

by Danny Bradbury Hacker Lauri Love has failed to get his computers back six years after the UK’s National Crime Agency took them as part of a criminal investigation. In 2013, British authorities arrested Love for alleged hacking into US institutions, and seized his computers. However, he wasn’t charged because the information on his computers […]

Read More