hacking
Lord & Taylor and Saks Have Been Hacked to the Tune of Five Million Payment Card Accounts

Cybercriminals who ran off with info on five million payment cards from Saks Fifth Avenue (including its discount brand) and Lord & Taylor databases appear to be preparing to sell them on the dark web, according to a Sunday report from Gemini Advisory. Read More >>

security
Boeing Says Suspected WannaCry Attack Only Hit ‘Small Number of Systems,’ Not Including Planes

A facility in the US state of South Carolina owned by aerospace and defence contracting giant Boeing was hit by a WannaCry attack on Wednesday, the Seattle Times reported, but the company is now trying to tamp down fears that the dreaded ransomware is back on the rise after it was only barely snuffed out last year. Read More >>

cybersecurity
A Bug in the iOS Camera App’s QR Code Reader Could Send iPhone Users to Malicious Websites

A vulnerability in the way iOS’ camera app handles QR codes could potentially result in users being unknowingly redirected to malicious destinations. Read More >>

security
John McAfee Is Back, This Time at a ‘Hackproof’ Crypto Security Firm

John McAfee, the creator of the security software that bears his name, has gotten pretty weird over the many years of his ongoing “lunacy binge.” Just a handful of the times McAfee’s name has popped up in the news in the past few years include allegations of rape, torture, and assassinations during his time as an expat in Belize, blatant lies to the media about his supposed encryption-breaking abilities, and an ill-advised and confusing run for the Libertarian Party’s presidential nomination. Read More >>

intel
Researchers Find New Ways to Exploit Meltdown and Spectre Vulnerabilities in Modern CPUs

In the past few weeks, the entire information security industry has grown very anxious about Meltdown and Spectre, two classes of exploits that can be used to manipulate vulnerabilities in the way many varieties of modern processors (but especially Intel ones) handle a performance-improving technique called speculative execution and extract hidden system data. While numerous platforms have rushed to roll out patches, and Meltdown appears to be less of an issue than Spectre, it’s still unclear just how badly this situation could go. Read More >>

equifax
Report: Equifax Lost Even More Information on Consumers Than It Told the Public

Confidential documents filed with the US Senate Banking Committee suggest that Equifax could have lost considerably more personal information about over 145 million Americans to hackers than it’s publicly let on, CNN Money reported. Read More >>

apple
Bill Gates Seems to Think Apple Should Just Put a Backdoor in the iPhone

Bill Gates thinks Silicon Valley isn’t worried enough about government regulation. In a new interview, he warned that big tech companies are being reckless in their support for end-to-end encryption, and he made some cryptic comments about Apple. Read More >>

cryptocurrency
Cryptojackers Strike Again, Hitting Thousands of Sites Including US and UK Government Pages

Thousands of websites including ones run by the U.S. and U.K. governments secretly hijacked browsers to mine cryptocurrency thanks to a compromised plugin, the Register reported on Sunday. Read More >>

hacking
Pyeongchang Olympics Hit By Cyber Attack, With Widespread Rumors Russia to Blame

Officials at the 2018 Pyeonchang Winter Olympics have occurred that a cyber attack hit the games, taking its website as well as TV and internet access at its main press centre offline, the Guardian reported. Read More >>

apple
A Jailbreaker Was Allegedly Behind Apple’s iBoot Source Code Leak

The code to the iOS 9 version of the iPhone’s iBoot software—the proprietary system that ensures trusted launches of iOS, and one of Apple’s closely held secrets—leaked this week on Github, the open-source code repository. According to Motherboard, sources now say a low-level employee who stole the code at work was responsible. Read More >>

security
Snake Oil Salesmen Plague the Security Industry, But Not Everyone is Staying Quiet

Sitting in his college dorm room back in the mid-1990s, Desautels let his curiosity run rampant. He had a hunch that his school’s network was woefully insecure, so he took it upon himself to test it and find out. Read More >>

surveillance
China Denies That It Gifted the African Union an HQ Building Stuffed Full of Surveillance Devices

The government of China has long held an interest in building bridges with countries across Africa, which it sees as both a major opportunity for economic investment and a chance to project geopolitical power. But while mutual solidarity is nice and all, the Chinese want to leave as little to chance as possible in their influence-building project on the continent, per a recent investigation by French newspaper Le Monde. Read More >>

hackers
Smart Toy Maker to Pay £480,000 After Millions of Kids Get Hacked

In recent years, a number of toy makers have come under fire for developing children’s smart devices that turn out to be privacy nightmares, and a company called VTech Electronics has just settled the US Federal Trade Commission’s (the FTC) first case involving an internet-connected toy. VTech will pay the FTC $650,000 (around £480,000) over charges it violated the Children’s Online Privacy Protection Act (COPPA) and “failing to take reasonable steps to secure the data it collected,” according to an FTC statement released Monday. Read More >>

security
Linus Torvalds is Not Happy About Intel’s Meltdown and Spectre Mess

Famed Linux developer Linus Torvalds has some pretty harsh words for Intel on the fiasco over Meltdown and Spectre, the massive security flaws in modern processors that predominantly affect Intel products. Read More >>

hacking
What We Know So Far About Meltdown and Spectre, the Devastating Vulnerabilities in Modern CPUs

This week, news of massive security vulnerabilities afflicting every modern model of Intel processor went public, even as developers for practically every major platform frantically rushed to roll out fixes. Much more information has now become available about Meltdown and Spectre, a group of attack methods malicious parties could use to break into some of the most sensitive inner workings of any device using the affected CPUs. Read More >>