Month: July 2017

Google to Drop Trust For WoSign in September
Hacking, Privacy

Google to Drop Trust For WoSign in September

Google has finalized its plan to remove trust in Chrome for all certificates issued by Chines CA WoSign, a result of the certificate authority run afoul of the intricate rules that govern CAs. As far back as 2015, officials began noticing certificates issued by WoSign that had one or more […]

U.S., European Law Enforcement Take Down AlphaBay Dark Web Market
Hacking

U.S., European Law Enforcement Take Down AlphaBay Dark Web Market

Authorities in the United States and Europe have shut down two huge criminal marketplace operating on the dark web, one of which officials say was responsible for more than $1 billion in illicit transactions in the last three years. The investigations into the AlphaBay and Hansa marketplaces have been going […]

http://www.dahlstroms.com
Device Security

Apple Fixes Broadpwn Bug in iOS 10.3.3

In the latest version of iOS Apple has patched dozens of serious security flaws, including the Broadpwn vulnerability in some Broadcom WiFi chips, and a number of remote code execution bugs in various components of the OS. Not many details of the Broadpwn vulnerability are public yet, but it’s considered […]

Mozilla Wants to Build an Open Voice Engine
Identity

Mozilla Wants to Build an Open Voice Engine

With manufacturers weaving voice control into a wide variety of devices, from phones to cars to home assistants, the accuracy of the voice-recognition engines in those products is becoming vital. Mozilla is hoping to help improve that accuracy with the release of its new Common Voice project. The new initiative […]

National Security Letter Gag Orders Legal, Appeals Court Rules
Privacy

National Security Letter Gag Orders Legal, Appeals Court Rules

In a decision that has drawn the ire of technology providers and privacy advocates, a United States appeals court has ruled that National Security Letters and the gag orders that often come with them don’t violate the First Amendment. The ruling came down Monday and from the Ninth Circuit Court of […]

GhostCtrl Android Malware Hijacks Audio, Roots Devices
Device Security, Hacking

GhostCtrl Android Malware Hijacks Audio, Roots Devices

A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known […]

New Data Shows Attackers Focusing More Attention on iOS
Hacking

New Data Shows Attackers Focusing More Attention on iOS

A new report released this morning by Skycure shows that attackers are beginning to focus more and more of their attention on iOS, even as attacks on Android are leveling out . This would be the first time in iOS’s 10 year history that attacks on that platform have outpaced that of its main […]

Cisco Fixes Remote Code Execution Flaw in WebEx Extensions
Hacking

Cisco Fixes Remote Code Execution Flaw in WebEx Extensions

Cisco has patched a serious remote code execution flaw in its WebEx extensions for both Google Chrome and Mozilla Firefox, a bug that could be exploited quite easily. The vulnerability affects several different browser extensions produced by WebEx, including the Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, […]

FCC Targets Robocalls Anew
Phone Fraud

FCC Targets Robocalls Anew

As part of its strategy to stop unwanted and illegal robocalls, the FCC is opening an inquiry into the way that providers reassign phone numbers and how they can help prevent customers from receiving robocalls intended for other people. The problem arises when one customer gives up a phone number, […]