Dennis Fisher and Mike Mimoso talk about the potential US sanctions against China over cyberespionage, the browser vendors dumping RC4, the trouble at Mobile Pwn2Own and more security news of the week.
Tag Archives: Cybersecurity
ACSC releases its first cybersecurity threat report
The first unclassified cybersecurity Threat Report from the The Australian Cyber Security Centre has been released.
The post ACSC releases its first cybersecurity threat report appeared first on We Live Security.
An Ashley Madison response plan: does your company have one?
The Ashley Madison data breach has created fresh cybersecurity threats for all organizations. A company response plan is needed. Here’s what you need to know.
The post An Ashley Madison response plan: does your company have one? appeared first on We Live Security.
FTC can punish organisations with poor cybersecurity
FTC has the authority to hold organisations to account for failing to deliver tough cybersecurity measures.
The post FTC can punish organisations with poor cybersecurity appeared first on We Live Security.
Make password into a story and more parental hacks
It’s important to ensure your child’s data and devices are secure at school and at home. Check out our to back to school digital security guide.
The post Make password into a story and more parental hacks appeared first on We Live Security.
How to nurture your child’s security genius
Is your child an internet security genius? If cybersecurity is their thing and you think it could be their future livelihood, here’s what you can do to harness that potential for a career that is exciting and financially lucrative. Sign up for free online courses Signing up for the CISSP (Certified Information Systems Security Professional) course
The post How to nurture your child’s security genius appeared first on We Live Security.
Back to university: cybersecurity now a major concern in higher education
Cybersecurity in higher education was top of mind and top of the agenda at the latest Campus Technology conference, in Boston.
The post Back to university: cybersecurity now a major concern in higher education appeared first on We Live Security.
6 child geniuses destined for a career in cybersecurity
There is a huge shortage of skilled professionals in cybersecurity. We take a look at six young geniuses who may be the future of the industry.
The post 6 child geniuses destined for a career in cybersecurity appeared first on We Live Security.
Weekend wrap-up: Cybersecurity news from Avast
Here’s your wrap up of security and privacy related news from the first half of July.
We are very excited to announce the debut of a new series of videos called Avast Hack Chat. Every week we invite a security expert to talk us through the hacks on Mr. Robot, USA Network’s summertime hit TV show. We also talk about current news, technology in pop culture, and tips that you can use in your everyday life to keep your devices and data secure. Please subscribe to Avast Hack Chat on YouTube to see all of our videos.
Read our reviews of the hacks
Pilot episode 1: Are the hacks on Mr. Robot real?
Episode 1.1: Mr. Robot Review: Ones and Zer0s
Episode 1.2: Mr. Robot Review: d3bug.mkv
Episode 1.3: Mr. Robot Review: da3m0ns.mp4
Episode 1.4: Mr. Robot Review: 3xpl0its.wmv
It’s too bad that hacking is not just for TV and movies. Even trusted websites can fall victim to cybercrooks. Online shopping just got a little more risky when the largest e-commerce platform was hacked in order to spy on customers and steal credit card data.
Government agencies, businesses, and individuals need to stay on alert for ransomware. That’s the malware that locks up your files and demands that you pay money to provide the key. Cryptowall recently joined forces with a click fraud botnet to infect individuals and businesses. Our blog explains how to stay safe against infection.
Critical zero-day flaws were discovered in the Adobe Flash Player, Oracle’s Java, and Microsoft’s Internet Explorer. Patches for each have been released. In addition to these patches, Microsoft released a rare emergency “out-of-band” Windows security patch. Make sure that you apply these patches so your machines are running the most secure versions of software.
Now for some good news. Avast Browser Cleanup removes those unwanted browser add-ons. You know the ones. They take up space on your browser, change your search engine, and even your home page. Avast Browser Cleanup has removed more than 650 million unwanted add-ons and extensions from our users’ browsers in the past two years. You can get it for free in all Avast products or download it as a standalone version.
Schools and businesses around the USA are also happy. Two schools; one in Ohio and one in Arizona have recently adopted Avast for Business software to protect their entire network for free. And one lone IT administrator is now able to efficiently manage 500 computers because of Avast for Business’s cloud-based web console.
BYOD, or bring your own device, is a common practice at many businesses around the world. CEO Vince Steckler announced the acquisition of Remotium, a leader in virtual enterprise mobility. Their technology provides enterprises with secure access to business-critical applications from anywhere and from any mobile or desktop device.
Students wanting to know how they did on their AP test installed Avast SecureLine VPN so they could see the scores right away. We have extended the 7-day free trial for an additional 30 days for all these clever kids. We hope you will keep your devices safe while using unsecured Wi-Fi around your new college campus this fall.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
Can hackers get under the hood of your car?
Driving under the influence of alcohol or texting while driving is still a bigger risk to your safety on the road, but the hacking experiments conducted on technology-heavy cars might be an indicator of break-downs to come.
Security researchers have proven that modern cars can be hacked.
Two security engineers proved that a car is not just a transportation device to get from point A to point B, but a vulnerable combination of individual software systems that can be hacked.
Back in 2013, Charlie Miller and Chris Valasek hacked a 2010 Ford Escape and a Toyota Prius. The two researchers demonstrated the ability to send commands from their laptop that did things like jerk the steering wheel, give false readings on the speedometer and odometer, sound the horn continuously, and slam on the brakes while going down the road.
They have done it again, this time with a 2014 Jeep Grand Cherokee.
When the hackers first did their experiment, they hardwired their MacBook directly into the vehicle. This year, they’ve gone wireless, breaking into a few of the 50 vulnerable attack points available to them.
Wired reporter Andy Greenberg acted as Miller and Valasek’s crash test dummy, as he did in the original demonstration. As he was driving the Jeep Cherokee at 70 mph down the interstate, the two hackers sat miles away in Miller’s basement and bombarded Greenberg with multiple attention diverting events at once. The air conditioner blasted cold air, the radio station changed and played at full volume, the windshield wipers came on and blinded his view with wiper fluid.
But it wasn’t only distracting annoyances that the hackers threw at Greenberg. The scary part started when they remotely cut the transmission. Remember, at the time he was driving down the interstate at 70 mph. The Jeep quickly lost speed and slowed to a snail-like crawl. On a busy interstate with zooming cars and an 18-wheeler closing in, you can imagine the fright that Greenberg felt.
Cybersecurity in the auto industry
At the Center for Automotive Research conference this year, it was acknowledged that almost every automaker in the U.S. has a connected “telematics” service, like GM’s OnStar, Ford SYNC, Chrysler’s Uconnect, and BMW Assist. The panelists said that these services are the first point of attack for hackers, and can be used as a springboard to gain access to the owner’s personal data. Because connected vehicles include easy access to smartphone and onboard apps, the driver’s credit cards, bank accounts, or other financial information could be accessed through the cloud. It’s also possible to access location data, vehicle locator, travel direction, and cell phone number.
The security risks presented by Miller and Valasek in 2013 got the attention of U.S. Senators Edward Markey and Richard Blumenthal. This past Tuesday they introduced legislation that would establish federal standards to secure our cars and protect drivers privacy.
Do drivers need to worry about their vehicle getting hacked?
Drivers don’t need to get worried yet. Besides thieves opening car doors with wireless hacks as we described in Mr. Robot Review: da3m0ns.mp4, only one malicious car hacking attack has been documented. In February 2010, a disgruntled employee hacked a fleet with more than 100 cars in Austin, Texas. He infiltrated their web-based vehicle-immobilization systems and essentially “bricked” their vehicles and caused the horns to blast uncontrollably.
How to protect your car from being hacked
- Think of your vehicle not as a simple car anymore, but a sophisticated device like your mobile phone. Familiarize yourself with the new electronic control units. These days that includes the lighting system, the engine and transmission, steering and braking, vehicle access system, and airbags.
- Apply updates and patches when your car manufacturer issues them. For example, Chrysler just notified owners of vehicles with the Uconnect feature that a software update is available.
- If you use services like OnStar, GM’s auto security & information service, don’t leave your documents or password in the car for a thief to find.
- If you use your car as a Wi-Fi hotspot, use a strong password to protect it.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
