News - New England Safety Partners, LLC

GPS Vulnerabilities

February 22, 2021 Cyber Security Ed Gardner 0

Really good op-ed in the New York Times about how vulnerable the GPS system is to interference, spoofing, and jamming — and potential alternatives.

The 2018 National Defense Authorization Act included funding for the Departments of Defense, Homeland Security and Transportation to jointly conduct demonstrations of various alternatives to GPS, which were concluded last March. Eleven potential systems were tested, including eLoran, a low-frequency, high-power timing and navigation system transmitted from terrestrial towers at Coast Guard facilities throughout the United States…

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish

February 19, 2021 Cyber Security Ed Gardner 0

From the Monterey Bay Aquarium.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish

February 19, 2021 Cyber Security Ed Gardner 0

From the Monterey Bay Aquarium.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

February 19, 2021 Cyber Security Ed Gardner 0

The leader of Mexico’s Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico’s top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the organized crime group by KrebsOnSecurity in 2015.

Router Security

February 19, 2021 Cyber Security Ed Gardner 0

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security.

Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very old versions of Linux. Most devices are still powered with a 2.6 Linux kernel, which is no longer maintained for many years. This leads to a high number of critical and high severity CVEs affecting these devices.
Since Linux is the most used OS, exploit mitigation techniques could be enabled very easily. Anyhow, they are used quite rarely by most vendors except the NX feature…

WEIS 2021 Call for Papers

February 18, 2021 Welcome Ed Gardner 0

The 20th Annual Workshop on the Economics of Information Security (WEIS 2021) will be held online in June. We just published the call for papers.

Virginia Data Privacy Law

February 18, 2021 Welcome Ed Gardner 0

Virginia is about to get a data privacy law, modeled on California’s law.

U.S. Indicts North Korean Hackers in Theft of $200 Million

February 17, 2021 Cyber Security Ed Gardner 0

The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted theft of more than $1.2 billion from banks and other victims worldwide.

Browser Tracking Using Favicons

February 17, 2021 Cyber Security Ed Gardner 0

Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the page name.)

Abstract: The privacy threats of online tracking have garnered considerable attention in recent years from researchers and practitioners alike. This has resulted in users becoming more privacy-cautious and browser vendors gradually adopting countermeasures to mitigate certain forms of cookie-based and cookie-less tracking. Nonetheless, the complexity and feature-rich nature of modern browsers often lead to the deployment of seemingly innocuous functionality that can be readily abused by adversaries. In this paper we introduce a novel tracking mechanism that misuses a simple yet ubiquitous browser feature: …

Malicious Barcode Scanner App

February 16, 2021 Cyber Security Ed Gardner 0

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. It’s been around since 2017 and is owned by the Ukrainian company Lavabird Ldt. But a December 2020 update included some new features:

However, a rash of malicious activity was recently traced back to the app. Users began noticing something weird going on with their phones: their default browsers kept getting hijacked and redirected to random advertisements, seemingly out of nowhere.

Generally, when this sort of thing happens it’s because the app was recently sold. That’s not the case here…

« 1 … 120 121 122 123 124 … 233 »