Google is offering security experts a bounty to identify Android app flaws as the Alphabet Inc unit seeks to wipe out bugs from its Google Play store.
Each flaw will score at least $1,000 under the program announced on Thursday to back up automated checks that have failed to block malware and other problems that security experts say infect the 8-year-old app store far more than Apple Inc’s rival App Store. Google will partner with HackerOne, a bug bounty program management website, to target a list of apps and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus.Read more
Hackers are joining forces with U.S. governors and academics in a new group aimed at preventing the manipulation of voter machines and computer systems to sway the outcome of future U.S. elections, a source familiar with the project said on Monday.
The anti-hacking coalition’s members include organizers of last summer’s Def Con hacking conference in Las Vegas, the National Governors Association and the Center for Internet Security, said the source, who asked not to be identified ahead of a formal announcement due to be made on Tuesday. The Washington-based Atlantic Council think tank and several universities are also part of the project, the source said.Read more
Facebook has been fined 1.2 million euros ($1.4 million) for allegedly collecting personal information from users in Spain that could then be used for advertising, the national data protection watchdog said.
The fine stemmed from an investigation into the social network company conducted alongside similar probes in Belgium, France, Germany and the Netherlands. The 1.2 million euro fine is a fraction of Facebook’s quarterly revenue of about $8 billion and stock market capitalization of around $435 billion. AEPD said it found three cases in which Facebook had collected details of its millions of Spanish users without informing them how such information would be used.Read more
Earlier this summer the House Science Committee sent letters to 22 US government agencies requesting information on their use of Kaspersky Lab security products.
As the federal government continues to investigate claims of ties between the Trump administration and Russia, officials in Washington have expressed concern that the government's use of software from Kaspersky Lab—a well-known security vendor based in Russia—could compromise domestic intelligence. This request represents the most recent action in an aggressive campaign by Congress.Read more
More bad news for folks in China. Chinese internet users will no longer be able to post comments online anonymously as of Oct. 1. The new ruling is the latest in the government's move to tighten control over internet usage in the country.
Sites like social networks and discussion forums will have to verify the real identities of registered users before they can be allowed to post anything on their platforms. Comments on news stories will also have to be reviewed by the website before they can appear online. For example, Zhihu, a Quora-like discussion site, has already started asking users to verify their identities.Read more
China has launched a digital "cyber-court" to help deal with a rise in the number of internet-related claims.
The Hangzhou Internet Court opened on Friday and heard its first case - a copyright infringement dispute between an online writer and a web company. Legal agents in Hangzhou and Beijing accessed the court via their computers and the trial lasted 20 minutes. The court's focus will be civil cases, including online shopping disputes. Judges were sworn in and the first case was presented on a large screen in the courtroom. Defendants and plaintiffs appear before the judge not in person, but via video-chat.Read more
In a mind-boggling world first, a team of biologists and security researchers have successfully infected a computer with a malicious program coded into a strand of DNA.
It sounds like science fiction, but I assure you it’s quite real — although you probably don’t have to worry about this particular threat vector any time soon. That said, the possibilities suggested by this project are equally fascinating and terrifying to contemplate. The multidisciplinary team at the University of Washington isn’t out to make outlandish headlines, although it’s certainly done that.Read more
China has demonstrated a world first by sending data over long distances using satellites which is potentially unhackable, laying the basis for next generation encryption based on so-called "quantum cryptography."
Last August, China launched a quantum satellite into space, a move which was called a "notable advance" by the Pentagon. Using this satellite, Chinese researchers at the Quantum Experiments at Space Scale project, were able to transmit secret messages from space to Earth at a further distance than ever before. The technology is called quantum key distribution. Typical encryption relies on traditional mathematics.Read more
Chinese-made drones that may have been used by U.S. service members in Syria are now banned by the U.S. Army, according to a report.
"Cease all use, uninstall all DJI applications, remove all batteries/storage media from devices, and secure equipment for follow on direction," reads the memo from Lt. Gen. Joseph H. Anderson, the Army's deputy chief of staff for plans and operations. The memo was obtained by the publication Defense One, which said it was also confirmed by two Army officials. According to the publication, the Army document cites "increased awareness of cyber vulnerabilities associated with DJI products."Read more
UK home secretary Amber Rudd has called on messaging apps like WhatsApp to ditch end-to-end encryption, arguing that it aids terrorists.
Writing in The Telegraph on Tuesday, the Conservative minister said that "real people" don't need the feature and that tech companies should do more to help the authorities deal with security threats. But activists have reacted with concern to her remarks, blasting them as "dangerous and misleading." Strong end-to-end encryption involves encoding messages or data so it cannot be read by anyone other than the intended recipient — including the company whose tech encrypts it, or law enforcement with a warrant.Read more