Riviera Beach, Fla., authorized its insurer to pay a Bitcoin ransom to hackers who have paralyzed the city’s computer systems for three weeks.

Updated: The data leak impacted Tech Data’s client servers, SAP systems, and more.

A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm.

Why open source firmware is important for security.

With this paper, we survey the research performed in the domain of browser
fingerprinting, while providing an accessible entry point to newcomers in the
field. We explain how this technique works and where it stems from. We analyze
the related work in detail to understand the composition of modern fingerprints
and see how this technique is currently used online. We systematize existing
defense solutions into different categories and detail the current challenges
yet to overcome.

Thanks to Tinder's patchwork use of HTTPS, researchers found they could reconstruct someone's entire experience in the app.

Malware that stole contacts, audio, location and more was under development for years.

We reviewed 28 popular home routers for basic hardening features. None performed well. Oh, and we found a bug in the Linux/MIPS architecture.

Experts with whom we consulted confirmed New York Times reports on the Saudi capability to “collect vast amounts of previously inaccessible data from smartphones in the air without leaving a trace—including phone calls, texts, emails”—and confirmed that hacking was a key part of the Saudis’ “extensive surveillance efforts that ultimately led to the killing of [Washington Post] journalist Jamal Khashoggi.”

Once again, there is another data leak exposing personal data and business intelligence information from an unsecured source. Researchers have uncovered yet another leaked database containing a vast set of personal data. This latest discovery was unearthed by Bob Diachenko, a researcher at Security Discovery. Through his blog post, Diachenko claims that the database is… Read More »Verifications.io Leaks Personal Records of 2 Billion Users

GOOD ENOUGH TO RECOGNIZE MUSIC VIA SHAZAM IF YOU TURN IT UP TO 11

Our Biggest Data Breach Discovery of 2019 a massive 800 million emails leaked online. This data breach uncovered how an email verification service uses spam

Other providers of bare-metal cloud computing might also be vulnerable to BMC hack.

In my years covering cybersecurity, there’s one variation of the same lie that floats above the rest. “We take your privacy and security seriously.” You might have heard the phrase here and there. It’s a common trope used by companies in the wake of a data breach — eit…

If you weren’t scared of USB cables before, you should be now. The O.MG cable (or Offensive MG kit) from [MG] hides a backdoor inside the shell of a USB connector. Plug this cable into your c…

Japan will attempt to access Internet-connected devices in homes and offices to find their vulnerabilities. The first-of-its-kind survey is aimed at beefing up cyber-security.

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this post for the masses

Among storage components, hard disk drives (HDDs) have become the most
commonly-used type of non-volatile storage due to their recent technological
advances, including, enhanced energy efficacy and significantly-improved areal
density. Such advances in HDDs have made them an inevitable part of numerous
computing systems, including, personal computers, closed-circuit television
(CCTV) systems, medical bedside monitors, and automated teller machines (ATMs).
Despite the widespread use of HDDs and their critical role in real-world
systems, there exist only a few research studies on the security of HDDs. In
particular, prior research studies have discussed how HDDs can potentially leak
critical private information through acoustic or electromagnetic emanations.
Borrowing theoretical principles from acoustics and mechanics, we propose a
novel denial-of-service (DoS) attack against HDDs that exploits a physical
phenomenon, known as acoustic resonance. We perform a comprehensive examination
of physical characteristics of several HDDs and create acoustic signals that
cause significant vibrations in HDD's internal components. We demonstrate that
such vibrations can negatively influence the performance of HDDs embedded in
real-world systems. We show the feasibility of the proposed attack in two
real-world case studies, namely, personal computers and CCTVs.