Firefox and Chrome Fight Back Against Kazakhstan's Spying

In addition to concerns about mass surveillance, the group also cited repeated incidents of internet censorship in which the Kazakh government has blocked access to communication, social media, and news services for hours at a time during political speeches, protests, and other controversial national events.

You Can Jailbreak Your iPhone Again (But Maybe You Shouldn’t)

Jailbreaking allows iOS users to add apps and other functions that Apple wouldn't normally permit to their iPhones. "This is rather inexcusable, as it puts millions of iOS users at risk," says Patrick Wardle, principal security researcher at the Mac management firm Jamf.

A Fungus Could Wipe Out the Banana Forever

Now 99 percent of all exported bananas are Cavendish—with almost all of them grown in Latin America. “What we’re having is an almost apocalyptic scenario where we’ll probably lose Cavendish as well,” says Sarah Gurr, Exeter University’s chair in food security.

Facebook's Voice Transcripts Were More Invasive Than Amazon's

Researchers from the security firm Pen Test Partners published findings this week that an attacker would just need a person's username to track them. A new vulnerability and corresponding exploit of Bluetooth could allow an attacker to determine the encryption keys used during device pairing and let themselves in on the party.

How Facebook Catches Bugs in Its 100 Million Lines of Code

So four years ago, Facebook engineers began building a customized assessment tool that not only checks for known types of bugs but can fully scan the entire codebase in under 30 minutes—helping engineers catch issues in tweaks, changes, or major new features before they go live.

DejaBlue: New BlueKeep-Style Bugs Mean You Need to Update Windows Now

Marcus Hutchins, a security researcher who has closely followed the RDP vulnerabilities and coded a proof-of-concept tool for exploiting BlueKeep, says that there may well be more machines vulnerable to DejaBlue than to BlueKeep.

A Cure for Ebola, A Home-Speaker Cyberattack, and More News

A new drug is working to cure Ebola, hackers figured out how to weaponize home speakers, and tech is coming to the aid of migrants on the border.

Hackers Can Turn Everyday Speakers Into Acoustic Cyberweapons

But Matt Wixey, cybersecurity research lead at the technology consulting firm PWC UK, says that it’s surprisingly easy to write custom malware that can induce all sorts of embedded speakers to emit inaudible frequencies at high intensity, or blast out audible sounds at high volume.

Watch a Drone Take Over a Nearby Smart TV

At the Defcon hacker conference today, independent security researcher Pedro Cabrera showed off in a series of hacking proof-of-concept attacks how modern TVs—and particularly Smart TVs that use the internet-connected HbbTV standard implemented in his native Spain, across Europe, and much of the rest of the world—remain vulnerable to hackers.

A Remote-Start App Exposed Thousands of Cars to Hackers

But with any of three different security flaws present across those apps—which Jmaxxz says he reported to the company and have since been fixed—he says he could have gained access to MyCar's database backend, letting him or a less friendly hacker pinpoint and steal any car connected to the MyCar app, anywhere in the world.

Hackers Could Decrypt Your GSM Phone Calls

But at the DefCon security conference in Las Vegas on Saturday, researchers from BlackBerry are presenting an attack that can intercept GSM calls as they're transmitted over the air and decrypt them to listen back to what was said.

This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station'

The tool uses open source image recognition software to automatically put an alert on the Tesla's display and the user's phone if it repeatedly sees the same license plate.

Election Systems Are Even More Vulnerable Than We Thought

But a group of security researchers told Motherboard this week they found what looks like election infrastructure online in 10 states, including swing states like Wisconsin, Michigan, and Florida.

This Teen Hacker Found Bugs in School Software That Exposed Millions of Records

In Follett's software, Demirkapi says he found bugs that would have given a hacker access to student data like grade point average, special education status, number of suspensions, and passwords.

Hackers Take on Darpa's $10 Million Voting Machine

The agency hopes to use voting machines as a model system for developing a secure hardware platform—meaning that the group is designing all the chips that go into a computer from the ground up, and isn’t using proprietary components from companies like Intel or AMD.

How Safecrackers Can Unlock an ATM in Minutes—Without Leaving a Trace

Over the last two and a half years, Davis has found techniques to crack three different types of the Kaba Mas high-security electronic combination locks the company has sold for securing ATM safes, pharmacy drug cabinets, and even Department of Defense facilities, representing millions of locks around the world.

Inside the Hidden World of Elevator Phone Phreaking

At the Defcon hacker conference in Las Vegas today, Caruana will give a talk on a very specific subgenre of that pastime: Phreaking elevator phones, the emergency call boxes legally mandated in every elevator in America, and largely left wide open to any caller who can determine their numbers.

How Apple Pay Buttons Can Make Websites Less Safe

Maddux has since noticed that Apple has revised its documentation for adding an Apple Pay button to make it less likely that sites will integrate it in this potentially vulnerable way.

Apple Gives Hackers a Special iPhone—And a Bigger Bug Bounty

Only three years ago did it suddenly shift its attitude towards security researchers, offering bounties as high as $200,000 to researchers who revealed some types of vulnerabilities in the iPhone. But even then, Apple's bug bounty program remained invite-only, open to only a select group of Apple's preferred and trusted researchers.

How a 10-Year-Old Desk Phone Bug Came Back From the Dead

Povolny says that with the Avaya desk phones, it took only basic hacking skills to gain access to the device's systems and firmware (the foundational code that coordinates a device's hardware and software) and analyze them for flaws.

Hidden Algorithm Flaws Expose Websites to DoS Attacks

Lily Hay Newman covers information security, digital privacy, and hacking for WIRED. Nathan Hauke and David Renardy of the security firm Two Six Labs started looking for these "algorithmic complexity" issues in mainstream services, and quickly found them in PDF readers, remote desktop servers, and a popular password strength evaluation tool.

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts

An attacker could potentially pivot, Santamarta says, from the in-flight entertainment system to the CIS/MS to send commands to far more sensitive components that control the plane's safety-critical systems, including its engine, brakes, and sensors.

Samsung's New Phones, a Dangerous Boeing 787 Flaw, and More News

Samsung revealed new Galaxy Note phones, a security researcher discovered vulnerabilities in the Boeing 787, and hackers can get into your phone with just a text message. Security researchers lifted the curtain on "interaction-less bugs" in Apple's iOS that would allow a hacker access to your phone without you doing anything at all.

Hackers Can Break Into an iPhone Just by Sending a Text

Lily Hay Newman covers information security, digital privacy, and hacking for WIRED. Silvanovich, who worked on the research with fellow Project Zero member Samuel Groß, got interested in interaction-less bugs because of a recent, dramatic WhatsApp vulnerability that allowed nation-state spies to compromise a phone just by calling it—even if the recipient didn’t answer the call.

13-Year-Old Encryption Bugs Still Haunt Apps and IoT

But at the Black Hat security conference in Las Vegas on Wednesday, Purdue University researcher Sze Yiu Chau has a warning for the security community about a different threat to encryption: vulnerabilities that were discovered more than a decade ago still very much persist today.

Apple Contractors Will Stop Listening to Your Siri Recordings—For Now

Security News This Week: Apple Contractors Will Stop Listening to Your Siri Recordings—For Now. Justin Sullivan. After a report in The Guardian detailed Apple's use of contractors to "grade" the recordings of Siri users, the company has said it will suspend the program.

5G Is Here—and Still Vulnerable to Stingray Surveillance

The researchers found that they could use their first stingray attack to modify a device's stated category number during the connection process, downgrading it to an older network.

An iPhone App That Protects Your Privacy—For Real This Time

The Guardian Firewall app runs in the background of an iOS device, and stymies data and location trackers while compiling a list of all the times your apps attempt to deploy them.

Russia Is Going to Up Its Game for the 2020 Elections

As the top-ranking Democrat on the Senate Intelligence Committee, Warner has long been a vocal proponent of new legislation to strengthen election protections, such as the Honest Ad Act, which would compel Silicon Valley firms to disclose when political ads are paid for by a foreign nation.

John Ratcliffe Is a Dangerous Pick for Director of National Intelligence

The news Sunday that Trump planned to tap representative John Ratcliffe (R-Texas) as director of national intelligence, replacing former senator Dan Coats, left many even on Capitol Hill scratching their heads: Who?
