A man accused of sending an animated GIF of a strobe light to a reporter with epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm. Back on December 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure. After his wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault.” On Friday, the FBI arrested 29-year-old John Rivello at his home in Maryland.
A man accused of sending an animated GIF of a strobe light to a reporter who has epilepsy was arrested and charged with criminal cyberstalking with the intent to kill or cause bodily harm. Back on Dec. 15, 2016, Twitter user @jew_goldstein tweeted a flashing image to Newsweek reporter Kurt Eichenwald along with the message: “YOU DESERVE A SEIZURE FOR YOUR POSTS.” Eichenwald, who has epilepsy, immediately suffered a seizure. After Eichenwald's wife found him on the floor and called 911, she replied to @jew_goldstein, telling him that the tweet caused a seizure. “I have your information and have called the police to report the assault,” she wrote.
While you may want to live long and prosper, you don’t want to be “kirked” – an extension added to files encrypted by the new Star Trek-themed Kirk ransomware. Kirk ransomware, which was discovered by Avast malware researcher Jakub Kroustek, doesn’t want the ransom to be paid in bitcoin; Bleeping Computer said it “may be the first ransomware to utilize Monero as the ransom payment of choice.” It is not known how the ransomware is being distributed, but researchers know that Kirk ransomware masquerades as the Low Orbital Ion Cannon network stress tool; LOIC was once favored for denial of service attacks. The fake version sports the LOIC slogan, “When harpoons, air strikes and nukes fail,” and claims to be initializing once executed.
The personal identifying information (PII)—names, email addresses, phone numbers, physical addresses, employers and job titles—for 33,698,126 Americans has been leaked online. The data, a 52.2GB CSV file, came from a commercial corporate database. Security researcher Troy Hunt determined that the breach came from NetProspex, a service provided by Dun & Bradstreet, which ironically was named as a 2017 world’s most ethical company.
Be prepared for restarts and a big day of patching after Microsoft skipped Patch Tuesday in February. For March, Microsoft released 18 security bulletins split into nine critical and nine important security updates.
Rated critical
MS17-006 patches 12 security issues in Internet Explorer. One of three information disclosure flaws has been publicly disclosed but is not being exploited, one of the three memory corruption bugs has been publicly disclosed but is not being exploited, and one of them has not been publicly disclosed but is being exploited. Both of the browser spoofing vulnerabilities have been publicly disclosed as has the Internet Explorer elevation of privilege flaw. The patch also addresses a scripting engine information disclosure bug and two scripting engine memory corruption flaws.
You know the telepresence robots that roll around offices with a camera, microphone and iPad attached in order to give remote users a way to participate “face-to-face” in meetings? It would be trippy if an attacker were able to take control of such a robot, but also entirely possible. Today, Rapid7 revealed three security flaws it discovered in the mobile conferencing device Double Telepresence Robot.
Rapid7 researcher Deral Heiland discovered three vulnerabilities: unauthenticated access to data, static user session management, and weak Bluetooth pairing. Two of three vulnerabilities disclosed to Double Robotics were patched in January, a really quick response considering the fixes were deployed about a week after the flaws were disclosed to the company.
Today, on the 28th anniversary of the web, its creator warned of three trends that must die for the web to be all that it should be. One of those is the spreading of fake news. On March 12, 1989, Tim Berners-Lee submitted his original proposal for the creation of the World Wide Web. 28 years later, in an open letter, Berners-Lee said that in the last 12 months, “I’ve become increasingly worried about three new trends, which I believe we must tackle in order for the web to fulfill its true potential as a tool which serves all of humanity.”
We’ve lost control of our personal data.
It’s too easy for misinformation to spread on the web.
Political advertising online needs transparency and understanding.
As it stands now for most of the web, people get free content in exchange for their personal data. Once companies have our data, we no longer have control over with whom it is shared. We can’t pick and choose what gets shared; it’s generally “all or nothing.”
From the trove of CIA documents dumped by WikiLeaks, we’ve heard a lot about attacks the agency could pull off against TVs and smartphones. Some of the companies with targeted products have issued their initial responses. October 2014 notes discuss the CIA’s Embedded Devices Branch (EDB) and what it should target. For the “really non-technical,” the CIA would define “embedded systems” as “The Things in the Internet of Things.” But the fact that the CIA intended to exploit IoT should not surprise anyone, considering that in 2012, then-CIA Director David Petraeus said the CIA “cannot wait to spy on you” through your smart internet-connected devices.
The BBC found itself in the no-good-deed-goes-unpunished category thanks to Facebook. Granted, the BBC was investigating for an article to see if Facebook had improved its system for removing child porn from the site after such images are reported. But trying to help “clean up” Facebook should not be rewarded by the social network reporting you to the police. Using Facebook’s “report button,” BBC journalists reported 100 images that should not be allowed on the platform according to Facebook’s guidelines that claim “nudity or other sexually suggestive content” is not permitted on the site. The images included a still from a child porn video, under-16s in sexual poses and others along the same vein. Of those, only 18 were initially removed. The other 82, Facebook said, did not violate “community standards.”
DNA is supposed to be the answer for solving cold cases. For example, Wisconsin police have turned to DNA to help solve a 42-year-old cold case of “Baby Sarah.” Recently in Niagara Falls, cops found the man responsible for a smash and grab robbery committed 11 years ago, in 2006, via DNA which the man had been ordered to submit for unrelated offences. But it takes some state labs a year-and-a-half to process DNA, so some police departments are bypassing the state labs and creating their own DNA databases to track criminals.
The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network. The attack was discovered on Friday morning; at the time of publishing on Sunday, the site was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website. “Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”