A senior UK police officer has suggested that offenders of cybercrime should be penalized by being made to wear Wi-Fi jammers rather than being sent to prison.
The post Cybercriminals ‘should be punished with Wi-Fi jammers’ appeared first on WeLiveSecurity
A US government probe into claims that certain heart implants are vulnerable to hacking attacks, has resulted in emergency security patches being issued for devices that cardiac patients have in their homes.
The post Security scare over hackable heart implants appeared first on WeLiveSecurity
The UK government has recently announced a range of new measures intended to help “police” the internet, identifying and prosecuting cybercriminals and terrorists for instance. In among the proposals of the digital economy bill are plans to restrict access to pornographic websites that breach specific guidelines.
Under the proposal, any websites depicting sex acts that would breach the regulations used by the British Board of Film Classification (BBFC) to issue certificates for movies will be banned. This ban will apply to all UK users – not just children.
This new filter is part of continued government efforts to protect children from accessing pornography online. Previous measures include “age gateways” on porn sites that will demand proof that the user is over-18 before allowing access.
The reality is that children are being exposed to (or choosing to access) more inappropriate images than ever before. Parents, teachers and healthcare professionals are increasingly concerned about what the long term effect of this exposure is, which explains these new initiatives to restrict access.
Already there are many people raising objections to this latest proposal, claiming that a block on certain websites is unfair to adults who are allowed to view pornography. Other complaints focus on the fact that many of the “banned” sex acts are completely legal for consenting adults to engage in. These objections have little bearing on children, but they could force the government to water down their proposals in the long term.
More problematic is the fact that web filters imposed by central governments around the world almost always have loopholes that are exploited by criminals to carry on as normal. It is entirely possible that a UK content filter will have similar gaps in coverage. Alternatively the use of anonymous web proxies will allow determined users to circumvent these safeguards.
The proposed web filter will act as a robust baseline protection for your kids as they surf the web. But it will not be sufficient to keep them completely safe.
True internet security relies on using multiple layers of protection to keep unwanted content out. So it makes sense to install a secondary web content filtering tool like Panda Internet Security to catch anything that makes it through the government’s filters.
Panda Internet Security has the added benefit of being able to detect and block attempts to circumvent security. If one of your kids tries to use an anonymous proxy for instance, the filter will detect and prevent access. You also have the added benefit of industry leading anti-malware protection included as part of your subscription.
Whether the government’s proposed porn filter is ever put in place remains to be seen. But there is nothing to stop you from installing your own filter to protect your children right now.
The post Porn filter: is it enough to protect our children? appeared first on Panda Security Mediacenter.
Justin Liverman, a student from North Carolina, has admitted collaborating in a harassment scheme targeting US officials and their families.
The post Man pleads guilty to role in harassment scheme against senior US government officials appeared first on WeLiveSecurity
Data theft is steadily refashioning itself as a political weapon. This past December, Barack Obama took advantage of his final days in office to take retaliatory measures against Russia. The Obama administration attributes to its Muscovite counterpart the cyberattacks carried out over the course of the recent presidential elections whose goal it was to tip the scales in Donald Trump’s favor for the presidential bid.
In an official statement, Obama announced the measures that include the expulsion of 35 Russian operatives and the introduction of new sanctions against certain people and organizations, including the two primary governmental espionage agencies.
The still-president Obama made this decision despite the Kremlin’s denial of its participation in the cyberattacks against the Democratic National Committee and other organizations in the Democratic Party. These cyberattacks came in the form of a massive email leak (containing many messages that damaged Hillary Clinton’s image), divulged by WikiLeaks to the media and considered to be a crucial element in the results of the election.
Shortly after the White House announcement, the FBI and the NSA published a report accusing Russia of the leak, which affected not only the Democratic Party but also John Podesta, chairman of the Clinton campaign. The document includes technical details of the tools and infrastructure presumably used by Russian intelligence services to “to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities”. These latter victims remain unnamed.
According to the report, that initiative was part of a broader plan that included attacks against other political organisms, corporate infrastructures, data processing centers, universities, and big businesses.
The analysis alludes to two kinds of “spear phishing” attacks, a term which refers to fraudulent emails sent from addresses that belong to or seem to belong to one of the victim’s contacts. The first of them came about in the summer 2015. It was directed toward at least one person from a “U.S. political party”, who received an email with attachments that activated a malware download. This was then able to spread itself throughout the system and “exfiltrate emails from several accounts”.
In September of this year, the FBI warned the DNC for the first time that their systems were under attack by a group known as “the Dukes”, with ties to the Russian government.
The second attack took place in the spring of 2016. This time, the report tells us, the attacks consisted of mass emails requesting a change of password from users, a strategy used to access partymembers’ email accounts. While the investigations are underway, Trump continues to deny that the Russian government had anything to do with the intervention made on his behalf.
There is no doubt that with these and other recent developments in the field of cyberattacks, protecting ourselves and our future is key. Over the coming months we will begin to see more and more news on this prickly subject, a clear example of the influence that hacktivism and cybercrime can have in the geopolitical sphere.
Targeted attacks are commonplace. The only way to face them down is with an advanced cybersecurity solution like Adaptive Defense, keeping your company safe from the sorts of silent breaches that can happen without anyone noticing. Until it’s too late.
The post Attacks That Change the Course of History appeared first on Panda Security Mediacenter.
More needs to be done to better equip children for life in a digital world, according to a new report from England’s children’s commissioner.
The post Children in a digital world ‘need lessons in online safety’ appeared first on WeLiveSecurity
The Federal Trade Commission have launched a competition to encourage the public to devise a technical solution to protect IoT devices from security threats.
The post Federal Trade Commission launches $25,000 IoT security competition appeared first on WeLiveSecurity
The latest version of the Microsoft OS has become once again a topic of discussion, and this time it may carry bad news for your company’s security. As the cybersecurity expert Sami Laiho revealed on his blog, every Windows 10 update poses a serious risk. Namely, while your system updates, anyone can take control of your corporate computers.
“This is a big issue and it has been there for a long time,” explains Laiho. This serious flaw comes into play when the OS restarts after installing a new update. Once the system is being updated, all you need to do to gain control of it is to push Shift-F10 to access the command prompt with admin level clearance.
In light of this, the dangers that your company faces are multifaceted. Indeed, any employee can take control of their computer as administrator, access confidential documents, or access the corporate network and create a serious problem from within the company itself.
Laiho points out that it is not necessary to use any specific software to carry out this cyberattack. Just that innocent combination of keys is enough to sow chaos. As if that wasn’t enough, the threat is not limited to those who have physical access to the computer: “An external threat having access to a computer waits for it to start an upgrade to get into the system,” explains Laiho.
Microsoft is apparently working to fix this serious flaw. Meanwhile, the most important thing to prevent threats is to rely on an adequate security solution, and not to postpone Windows 10’s tedious updates.
Forget about how long the update takes. Ideally you would authorize it immediately and stay with the computer at all times. This is the only way to be sure that no bystanders take the driver’s seat of your computer. It is obviously very important to explain this to employees.
In the meantime, we’ll have to trust that they will not commandeer the system themselves and wait for Microsoft to resolve this critical vulnerability.
The post The Dangers of the New Windows 10 Update System appeared first on Panda Security Mediacenter.
Netflix has become the latest big name brand to have one of its social media accounts hijacked by OurMine.
The post OurMine hijacks Netflix’s US Twitter account appeared first on WeLiveSecurity
The head of the UK’s NCSC has been asked to offer more detail into how the financial services sector will be protected from cyberattacks.
The post NCSC boss asked to detail efforts to protect financial services sector against cyberattacks appeared first on WeLiveSecurity
