Security: DARPA, Updates, Microsoft Windows Incidents and Outlook Fiasco
-
DARPA Making An Anonymous And Hack-Proof Mobile Communication System
The United States’ Defense Advanced Research Projects Agency, or DARPA, develops technologies that are deployed by the US army and sometimes the agency makes the technologies available for civilians as well. DARPA is behind many breakthrough technologies, including the internet itself, GPS, Unix, and Tor.
Now, DARPA is currently working on an anonymous, end-to-end mobile communication system that would be attack-resilient and reside entirely within a contested network environment.
-
Security updates for Monday
-
Passwords and Policies | Roadmap to Securing Your Infrastructure
-
Adblock Plus filter lists may execute arbitrary code
-
FBI now investigating "RobinHood" ransomware attack on Greenville computers [Ed: Microsoft Windows TCO]
-
RobinHood Ransomware Is “Honest” And Promises To “Respect Your Privacy”
The world of cybersecurity is full of surprises. From using Game of Thrones torrents to exploiting popular porn websites — notorious cybercriminals keep coming up with new ways to cause you harm.
In a related development, a ransomware called RobinHood is spreading havoc in North Carolina, where the ransomware has crippled most city-owned PCs. The FBI is currently investigating the issue along with local authorities.
-
Purism at SCaLE 2019 – Retrospective on Secure PureBoot
Once again, we were so busy we barely had the time to leave our booth: people were very interested in the Librem 5 devkit hardware, in the latest version of the Librem laptops and PureOS, on having the same apps for the Librem laptops and the Librem 5 phone… so we got to do the full pitch. On a less technical note, our swag was quite a success. People told us they loved our paper notebook and carpenter pencil, and asked questions about the pencils – which, according to Kyle Rankin, Chief Security Officer of Purism, have a section that is “kind of shaped like our logo”, and being carpenter pencils “are designed so you can sharpen them without having to use a proprietary pencil sharpener.” Visitors (and team) loved them for being beautiful, unusual and useful.
-
Hackers could read non-corporate Outlook.com, Hotmail for six months
Late on Friday, some users of Outlook.com/Hotmail/MSN Mail received an email from Microsoft stating that an unauthorized third party had gained limited access to their accounts and was able to read, among other things, the subject lines of emails (but not their bodies or attachments, nor their account passwords), between January 1 and March 28 of this year. Microsoft confirmed this to TechCrunch on Saturday.
The hackers, however, dispute this characterization. They told Motherboard that they can indeed access email contents and have shown that publication screenshots to prove their point. They also claim that the hack lasted at least six months, doubling the period of vulnerability that Microsoft has claimed. After this pushback, Microsoft responded that around 6 percent of customers affected by the hack had suffered unauthorized access to their emails and that these customers received different breach notifications to make this clear. However, the company is still sticking to its claim that the hack only lasted three months.
Not in dispute is the broad character of the attack. Both hackers and Microsoft's breach notifications say that access to customer accounts came through compromise of a support agent's credentials. With these credentials, the hackers could use Microsoft's internal customer support portal, which offers support agents some level of access to Outlook.com accounts. The hackers speculated to Motherboard that the compromised account belonged to a highly privileged user and that this may have been what granted them the ability to read mail bodies. The compromised account has subsequently been locked to prevent any further abuse.
-
Three encryption tools for the cloud
Safeguard your cloud storage with some preemptive file encryption. Here are three open source tools that get the job done in Linux.
From a security perspective, cloud storage ought never to have happened. The trouble is, it relies on the ability of users to trust the provider, yet often the only assurance available is the provider’s word. However, the convenience of cloud storage is too great for many companies and individuals to avoid it. Fortunately, security can be regained by users storing only encrypted files.
Numerous tools exist for encrypting in the cloud. Some are proprietary. However, these solutions also require trust -- they only shift the trust requirement to a third party, and basic security requires the user to verify security for themselves.
- Login or register to post comments
- Printer-friendly version
- 2208 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago