The U.S. is better off supporting strong encryption that trying to weaken it, according to a new congressional report that stands at odds with the FBI’s push to install backdoors into tech products.On Tuesday, a bipartisan congressional panel published a year-end report, advising the U.S. to explore other solutions to the encryption debate.“Any measure that weakens encryption works against the national interest,” the report said.The congressional panel formed back in March, amid the FBI’s public battle with Apple over trying to gain access to a locked iPhone belonging to the San Bernardino shooter.To read this article in full or to leave a comment, please click here
Use of cellphone spying technology has become widespread among U.S. law enforcement agencies and should be better regulated, according to a new congressional report.Not only is the FBI deploying the technology, commonly called "Stingray" after one product made by Harris Corp., but so are state and local police. And there are concerns that some law enforcement agencies have used Stingrays without securing search warrants, said the report from House Committee on Oversight and Reform, published on Monday.“Absent proper oversight and safeguards, the domestic use of (Stingrays) may well infringe upon the constitutional rights of citizens to be free from unreasonable searches and seizures,” it said.To read this article in full or to leave a comment, please click here
Use of cellphone spying technology has become widespread among U.S. law enforcement agencies and should be better regulated, according to a new congressional report.Not only is the FBI deploying the technology, commonly called "Stingray" after one product made by Harris Corp., but so are state and local police. And there are concerns that some law enforcement agencies have used Stingrays without securing search warrants, said the report from House Committee on Oversight and Reform, published on Monday.“Absent proper oversight and safeguards, the domestic use of (Stingrays) may well infringe upon the constitutional rights of citizens to be free from unreasonable searches and seizures,” it said.To read this article in full or to leave a comment, please click here
U.S. President Barack Obama pledged to punish Russia for hacking of Democratic groups and figures during the election season with actions that’ll occur in secret and others that’ll be made public.“Our goal continues to be to send a clear message to Russia or others not to do this to us because we can do stuff to you,” Obama said in a press conference.The President stopped short of explicitly blaming Russian president Vladimir Putin for directing the alleged hacks, but said that, “not much happens in Russia without Vladimir Putin.”Obama met Putin during a summit in China in September and told him to "cut it out" and or else "there would be some serious consequences if he didn't," he said. After that meeting, the hacking attempts stopped but Wikileaks had already been given copies of stolen documents.To read this article in full or to leave a comment, please click here
U.S. President Barack Obama pledged to punish Russia for hacking of Democratic groups and figures during the election season with actions that’ll occur in secret and others that’ll be made public.
“Our goal continues to be to send a clear message to Russia or others not to do this to us because we can do stuff to you,” Obama said in a press conference.
The President stopped short of explicitly blaming Russian president Vladimir Putin for directing the alleged hacks, but said that, “not much happens in Russia without Vladimir Putin.”
Obama met Putin during a summit in China in September and told him to "cut it out" and or else "there would be some serious consequences if he didn't," he said. After that meeting, the hacking attempts stopped but Wikileaks had already been given copies of stolen documents.To read this article in full or to leave a comment, please click here
A Russian-speaking hacker has been found selling stolen login credentials for a U.S. agency that tests and certifies voting equipment, according to a security firm.The hacker was attempting to sell more than 100 allegedly compromised login credentials belonging to the U.S. Election Assistance Commission (EAC), the security firm Record Future said in a Thursday blog post. The company said it discovered online chatter about the breach on Dec. 1.Some of these credentials included the highest administrative privileges. With such access, an intruder could steal sensitive information from the commission, which the hacker claimed to have done, Recorded Future said.To read this article in full or to leave a comment, please click here
A Russian-speaking hacker has been found selling stolen login credentials for a U.S. agency that tests and certifies voting equipment, according to a security firm.The hacker was attempting to sell more than 100 allegedly compromised login credentials belonging to the U.S. Election Assistance Commission (EAC), the security firm Record Future said in a Thursday blog post. The company said it discovered online chatter about the breach on Dec. 1.Some of these credentials included the highest administrative privileges. With such access, an intruder could steal sensitive information from the commission, which the hacker claimed to have done, Recorded Future said.To read this article in full or to leave a comment, please click here
Security researchers are disturbed it took Yahoo three years to discover that details of over 1 billion user accounts had been stolen back in 2013.It means that someone -- possibly a state-sponsored actor -- had access to one of the largest email user bases in the world, without anyone knowing. The stolen database may have even included information on email ids of U.S. government and military employees.“It is extremely alarming that Yahoo didn’t know about this,” said Alex Holden, chief information security officer with Hold Security.Yahoo said back in November it first learned about the breach when law enforcement began sharing with the company stolen data that had been provided by a hacker. At the time, the company was already dealing with a separate data breach, reported in September, involving 500 million user accounts.To read this article in full or to leave a comment, please click here
Security researchers are disturbed it took Yahoo three years to discover that details of over 1 billion user accounts had been stolen back in 2013.It means that someone -- possibly a state-sponsored actor -- had access to one of the largest email user bases in the world, without anyone knowing. The stolen database may have even included information on email ids of U.S. government and military employees.“It is extremely alarming that Yahoo didn’t know about this,” said Alex Holden, chief information security officer with Hold Security.Yahoo said back in November it first learned about the breach when law enforcement began sharing with the company stolen data that had been provided by a hacker. At the time, the company was already dealing with a separate data breach, reported in September, involving 500 million user accounts.To read this article in full or to leave a comment, please click here
Members of congress are demanding answers over claims that Russia attempted to influence the U.S. presidential election with several high-profile hacks. U.S. intelligence agencies are confident that the Kremlin was involved, but incoming president Donald Trump remains skeptical. As they prepare to investigate, here’s some questions lawmakers should be asking to help them understand and respond to these hacks. What evidence do we have proving Russia’s involvement?
Attribution in any hack can be incredibly difficult, as Trump noted in a tweet, but cybersecurity experts say they have technical evidence showing that Democratic groups and figures were at the very least hacked with spear phishing emails and hard-to-detect malware from two suspected Russian hacking teams.To read this article in full or to leave a comment, please click here
Members of congress are demanding answers over claims that Russia attempted to influence the U.S. presidential election with several high-profile hacks. U.S. intelligence agencies are confident that the Kremlin was involved, but incoming president Donald Trump remains skeptical. As they prepare to investigate, here’s some questions lawmakers should be asking to help them understand and respond to these hacks. What evidence do we have proving Russia’s involvement?
Attribution in any hack can be incredibly difficult, as Trump noted in a tweet, but cybersecurity experts say they have technical evidence showing that Democratic groups and figures were at the very least hacked with spear phishing emails and hard-to-detect malware from two suspected Russian hacking teams.To read this article in full or to leave a comment, please click here
In what is likely the largest data breach ever, Yahoo is reporting that data associated with more than 1 billion user accounts was stolen in August 2013.The incident is separate from a breach Yahoo reported in September involving at least 500 million users that originally occurred in late 2014 and shook public trust in the company.Stolen user data from this new breach involves names, email addresses, telephone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.To read this article in full or to leave a comment, please click here
In what is likely the largest data breach ever, Yahoo is reporting that data associated with more than 1 billion user accounts was stolen in August 2013.The incident is separate from a breach Yahoo reported in September involving at least 500 million users that originally occurred in late 2014 and shook public trust in the company.Stolen user data from this new breach involves names, email addresses, telephone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.To read this article in full or to leave a comment, please click here
The company behind Ashley Madison, the adultery enabling website, has agreed to pay a US$1.6 million settlement related to a major data breach last year that exposed account details of 36 million users.Ashley Madison's operator, Toronto-based Ruby, is making the settlement for failing to protect the account information and for creating fake user profiles to lure in prospective customers, the U.S. Federal Trade Commission said on Wednesday.In July 2015, a hacking group called Impact Team managed to steal the account details and then post them online a month later -- potentially damaging the reputation of the customers using the adultery website.To read this article in full or to leave a comment, please click here
The company behind Ashley Madison, the adultery enabling website, has agreed to pay a US$1.6 million settlement related to a major data breach last year that exposed account details of 36 million users.Ashley Madison's operator, Toronto-based Ruby, is making the settlement for failing to protect the account information and for creating fake user profiles to lure in prospective customers, the U.S. Federal Trade Commission said on Wednesday.In July 2015, a hacking group called Impact Team managed to steal the account details and then post them online a month later -- potentially damaging the reputation of the customers using the adultery website.To read this article in full or to leave a comment, please click here
Be wary around random, but legitimate-looking emails popping up in your inbox. A foreign government may be using them to try to hack you.That may sound far-fetched, but Russian cyberspies allegedly stole sensitive files from Democratic groups and figures using this very tactic. In some cases, the spoofed emails pretended to be from Google and managed to trick victims into giving up their login details, paving the way for a series of high-profile hacks that rocked this year’s presidential election.But even as the presidential race is over, cybersecurity experts warn that state-sponsored hackers remain a dangerous threat. Political organizations, businesses, and universities all should be on guard -- you’re probably already in their crosshairs.To read this article in full or to leave a comment, please click here
Be wary around random, but legitimate-looking emails popping up in your inbox. A foreign government may be using them to try to hack you.That may sound far-fetched, but Russian cyberspies allegedly stole sensitive files from Democratic groups and figures using this very tactic. In some cases, the spoofed emails pretended to be from Google and managed to trick victims into giving up their login details, paving the way for a series of high-profile hacks that rocked this year’s presidential election.But even as the presidential race is over, cybersecurity experts warn that state-sponsored hackers remain a dangerous threat. Political organizations, businesses, and universities all should be on guard -- you’re probably already in their crosshairs.To read this article in full or to leave a comment, please click here
Law enforcement agencies arrested 34 suspects in 13 countries, including the U.K and the U.S., as part of a crackdown last week on DDoS (distributed denial-of-service) attacks.The arrests targeted buyers of DDoS-for-hire services, which get paid to flood websites or internet-connected systems with traffic, forcing them to go offline.In addition to the 34 arrests, law enforcement agencies interviewed and warned another 101 individuals. Many of the suspects were under the age of 20, the European Union police agency Europol said in a Monday statement.To read this article in full or to leave a comment, please click here
Law enforcement agencies arrested 34 suspects in 13 countries, including the U.K and the U.S., as part of a crackdown last week on DDoS (distributed denial-of-service) attacks.The arrests targeted buyers of DDoS-for-hire services, which get paid to flood websites or internet-connected systems with traffic, forcing them to go offline.In addition to the 34 arrests, law enforcement agencies interviewed and warned another 101 individuals. Many of the suspects were under the age of 20, the European Union police agency Europol said in a Monday statement.To read this article in full or to leave a comment, please click here
U.S. efforts to get to the bottom about Russia’s role in hacking this year’s presidential election may very well end up mired in politics, hampering any response.On Monday, Senate Majority Leader Mitch McConnell, a Kentucky Republican, was the latest U.S. lawmaker to call for an investigation into Russia’s possible involvement. “This simply cannot be a partisan issue,” he said during a press conference.A growing number of lawmakers, in addition to U.S. intelligence agencies, also assert that Russia was behind the high-profile hacks that were intended to influence this year’s election. Among the targets were Democratic groups and figures whose emails were stolen and later leaked online.To read this article in full or to leave a comment, please click here
Michael Kan