Researchers detail a MITM attack on SSH that can break the integrity of the protocol, the first “practical attack of its kind”; fixes face compatibility issues
SSH is an internet standard that provides secure access to network services … Connor Jones / The Register : SSH shaken, not stirred by Terrapin vulnerability Terrapin Attack : Terrapin Attack: Breakin...
Thoughts on why Chrome 69's forced login behavior is so bad: when Google silently changes its biggest user-facing privacy option, it risks burning users' trust
Here's What to Do About It Ben Schoon / 9to5Google : Google Chrome 69 doesn't automatically track your history when you log in to Google services Andrii Degeler / Engadget : Google is quietly logging ...
Multiple OSes including Windows, macOS, and Linux were affected by a serious security flaw caused by developers misinterpreting chipmakers' documentation
Modern processors provide debugging … Christopher Baugh / iPhone in Canada Blog : Every Major OS Maker Hit By Security Flaw Actively Being Exploited to Hack Users The Register : Every major OS maker m...
Cambridge Analytica claims to not use Facebook data in voter profiles, perhaps because the models it built from 2014 data do not require more data from Facebook
Last week Reuters reported on the Harris Brand Survey: Casey Johnston / The Outline : Cambridge Analytica's leak shouldn't surprise you, but it should scare you Todd Haselton / CNBC : How to control w...
Experts reveal 13 alleged flaws in AMD Ryzen and EPYC chips, just 24 hours after showing AMD, that allow malware to be installed on secure portions of the chips
And Face Their Own Backlash Paul Alcorn / Tom's Hardware : Report Claims AMD Ryzen, EPYC CPUs Contain 13 Security Flaws (Updated) Viceroy Research : AMD - The Obituary — Viceroy analyze CTS Labs' re...
Sources: hackers stole NSA data on US offensive and defensive cyber capabilities from a contractor's laptop in 2015, likely via Kaspersky software
This Time with Kaspersky's Help Associated Press : Report: Russian hackers target secrets taken by NSA worker Steven Musil / CNET : Russian hackers reportedly stole NSA cyber secrets in 2015 Gareth Ha...
Password manager OneLogin compromised, says hackers have ability to decrypt encrypted data and all users served by US data center are affected
attackers access data and decryption keys Alvaro Hoyos / OneLogin Identity Management Blog : May 31, 2017 Security Incident (UPDATED June 1, 2017) JC Torres / SlashGear : OneLogin attacker may have go...
Linux Mint site hacked on Feb. 20: hundreds downloaded a backdoored-variant of the Linux distro; Mint forum data including personal info for sale on dark web
Some people claim that Linux … Paul Ducklin / Naked Security : World's biggest Linux distro infected with malware Stefan Ortloff / Securelist : Beware of Backdoored Linux Mint ISOs Jim Lynch / InfoWor...
Researchers Create First Firmware Worm That Attacks Macs
Trammell Hudson's Projects Darlene Storm / Computerworld : Macs can be remotely infected with firmware malware that remains after reformatting JC Torres / SlashGear : These OS X malware are like zombi...
Microsoft releases emergency patch for Windows Vista, 7, 8, 8.1, RT, Server 2008 and later; vulnerability also affects Windows 10 Preview
update now Cale Guthrie Weissman / Business Insider : Microsoft issued an emergency fix for a vulnerability that let hackers ‘take complete control’ of affected computers Gareth Halfacree / bit-tech.n...