Author: Dennis Fisher

Google to Drop Trust For WoSign in September
Hacking, Privacy

Google to Drop Trust For WoSign in September

Google has finalized its plan to remove trust in Chrome for all certificates issued by Chines CA WoSign, a result of the certificate authority run afoul of the intricate rules that govern CAs. As far back as 2015, officials began noticing certificates issued by WoSign that had one or more […]

U.S., European Law Enforcement Take Down AlphaBay Dark Web Market
Hacking

U.S., European Law Enforcement Take Down AlphaBay Dark Web Market

Authorities in the United States and Europe have shut down two huge criminal marketplace operating on the dark web, one of which officials say was responsible for more than $1 billion in illicit transactions in the last three years. The investigations into the AlphaBay and Hansa marketplaces have been going […]

http://www.dahlstroms.com
Device Security

Apple Fixes Broadpwn Bug in iOS 10.3.3

In the latest version of iOS Apple has patched dozens of serious security flaws, including the Broadpwn vulnerability in some Broadcom WiFi chips, and a number of remote code execution bugs in various components of the OS. Not many details of the Broadpwn vulnerability are public yet, but it’s considered […]

Mozilla Wants to Build an Open Voice Engine
Identity

Mozilla Wants to Build an Open Voice Engine

With manufacturers weaving voice control into a wide variety of devices, from phones to cars to home assistants, the accuracy of the voice-recognition engines in those products is becoming vital. Mozilla is hoping to help improve that accuracy with the release of its new Common Voice project. The new initiative […]

National Security Letter Gag Orders Legal, Appeals Court Rules
Privacy

National Security Letter Gag Orders Legal, Appeals Court Rules

In a decision that has drawn the ire of technology providers and privacy advocates, a United States appeals court has ruled that National Security Letters and the gag orders that often come with them don’t violate the First Amendment. The ruling came down Monday and from the Ninth Circuit Court of […]

GhostCtrl Android Malware Hijacks Audio, Roots Devices
Device Security, Hacking

GhostCtrl Android Malware Hijacks Audio, Roots Devices

A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known […]

Cisco Fixes Remote Code Execution Flaw in WebEx Extensions
Hacking

Cisco Fixes Remote Code Execution Flaw in WebEx Extensions

Cisco has patched a serious remote code execution flaw in its WebEx extensions for both Google Chrome and Mozilla Firefox, a bug that could be exploited quite easily. The vulnerability affects several different browser extensions produced by WebEx, including the Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, […]

FCC Targets Robocalls Anew
Phone Fraud

FCC Targets Robocalls Anew

As part of its strategy to stop unwanted and illegal robocalls, the FCC is opening an inquiry into the way that providers reassign phone numbers and how they can help prevent customers from receiving robocalls intended for other people. The problem arises when one customer gives up a phone number, […]

Attackers Compromising Fresh WordPress Installs
Hacking

Attackers Compromising Fresh WordPress Installs

Attackers are scanning for new WordPress installations that haven’t been configured yet and compromising them and then using that access to take over entire sites. The attacks have been going on since May and researchers have seen many IP addresses that typically are engaged in other attack campaigns joining in this […]