A consumer group is urging major retailers to withdraw a number of “connected” or “intelligent” toys likely to be popular at Christmas, after finding security failures that it warns could put children’s safety at risk.
Tests carried out by Which? with the German consumer group Stiftung Warentest, and other security research experts, found flaws in Bluetooth and wifi-enabled toys that could enable a stranger to talk to a child. The investigation found that four out of seven of the tested toys could be used to communicate with the children playing with them. Security failures were discovered in the Furby Connect, i-Que Intelligent Robot, Toy-Fi Teddy and CloudPets.
Jake Williams awoke last April in an Orlando, Fla., hotel where he was leading a training session. Checking Twitter, Mr. Williams, a cybersecurity expert, was dismayed to discover that he had been thrust into the middle of one of the worst security debacles ever to befall American intelligence.
Mr. Williams had written on his company blog about the Shadow Brokers, a mysterious group that had somehow obtained many of the hacking tools the United States used to spy on other countries. Now the group had replied in an angry screed on Twitter. It identified him — correctly — as a former member of the National Security Agency’s hacking group, Tailored Access Operations, or T.A.O., a job he had not publicly disclosed.
The US government doesn't get along with hackers. That's just how it is. Hacking protected systems, even to reveal their weaknesses, is illegal under the Computer Fraud and Abuse Act, and the Department of Justice has repeatedly made it clear that it will enforce the law.
In the last 18 months, a new Department of Defense project called "Hack the Pentagon" has offered real glimmers of hope that these prejudices could change. The government's longstanding defensive posture makes some sense in theory—it has important secrets to keep—but in practice experts have long criticized the stance as a fundamental misunderstanding of how cybersecurity works.
Cryptocurrencies are basically the same as e-money — like WebMoney or PayPal. That means they also have the same problems as classic e-payment systems.
However, the operating principles specific to cryptocurrencies sometimes make the problems more likely to occur, and thus more disturbing. In addition, the same principles are responsible for a certain number of risks unique to cryptocurrencies. We’ll start with common problems such as plain old theft. Let’s say you’re transferring money to a friend. You copy his wallet address accurately, but malware replaces the address in the clipboard with another one.
When Apple released the iPhone X, it touched off an immediate race among hackers around the world to be the first to fool the company's futuristic new form of authentication.
A week later, hackers on the actual other side of the world claim to have successfully duplicated someone's face to unlock his iPhone X—with what looks like a simpler technique than some security researchers believed possible. Bkav released a blog post and video showing that—by all appearances—they'd cracked Face ID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking.
A team of government, industry and academic officials successfully demonstrated that a commercial aircraft could be remotely hacked in a non-laboratory setting last year, a U.S. Department of Homeland Security official said Wednesday at the 2017 CyberSat Summit in Tysons Corner, Virginia.
“We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” said Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology Directorate.
WikiLeaks has resumed its CIA leaks and it has now started publishing source code and other files associated with tools allegedly developed by the intelligence agency.
In March, WikiLeaks began publishing documentation files describing what appeared to be CIA hacking tools as part of a leak dubbed Vault 7. Roughly two dozen tools and projects were disclosed over the course of several months. Now, after a two-month break, WikiLeaks announced a new round of leaks dubbed Vault 8, which provides source code and analysis for CIA tools. The organization pointed out that, similar to Vault 7, Vault 8 will not expose any zero-day or other vulnerabilities that could be used for malicious purposes.
FBI special agent Christopher Combs complained how the agency couldn't get into the Texas shooter's phone during a press conference. Turns out all they had to do was ask Apple for help.
In a statement the tech titan has released to the media, it said it "immediately reached out to the FBI after learning from their press conference on Tuesday that investigators were trying to access a mobile phone." Cupertino offered its assistance and even promised to "expedite [its] response to any legal process." The company said that the FBI has yet to ask for help accessing the phone.
Apple is soft-launching direct, person-to-person payments in an iMessage today with the Apple Pay Cash beta. The feature, which was announced earlier this year, allows you to send and receive cash inside the Messages app on iPhones. The program is launching in public beta today on iOS 11.2 beta 2, and you can opt in using the iOS Public Beta program here.
Once you’ve updated, you’ll see an Apple Pay button in the apps section of Messages that allows you to initiate a payment. Payments can also be triggered by simply asking for money in a message or tapping on a message sent by someone else asking for money.
During a hacking operation in which U.S. authorities broke into thousands of computers around the world to investigate child pornography, the FBI hacked a number of targets in Russia, China, and Iran.
The news signals the bold future of policing on the so-called dark web, where investigators are increasingly deploying malware without first knowing which country their suspect is located in. Experts and commentators say the approach of blindly kicking down digital doors in countries not allied with the U.S. could lead to geopolitical fallout. The case centers around the FBI’s 2015 Operation Pacifier investigation, which delved into a child-pornography site.