Security News

• Singapore warns eight cryptocurrency exchanges not to engage in unauthorised trading
  Eight unnamed digital token exchanges have been told not to facilitate trading that involved securities or futures contracts without authorisation from the local regulator MAS, which also stopped an ICO.
  
• Box brings multi-region data storage support to customers ahead of GDPR
  Box Zones allows enterprise clients to store data in different regions to address compliance issues which may be caused by GDPR.
  
• ​My Health Record stands up cybersecurity centre to monitor access
  Those who choose to keep their My Health Record will also have a real-time log of who has accessed their information.
  
• Talos finds new VPNFilter malware hitting 500K IoT devices, mostly in Ukraine
  Cisco's Talos has published preliminary findings of the VPNFilter malware, which is targeting mostly consumer internet routers from a range of vendors, with some consumer NAS devices also hit.
  
• ​Samsung's logic chip biz turns to AI chips and 5G for change of fortune
  Samsung System LSI, which makes logic chips such as mobile application processors, sees the advent of the 5G era as an 'unimaginable business opportunity' that may turn its fortunes within a year. Expect AI chips for data centers and safety chips for autonomous vehicles soon, its chief says.
  
• Victoria overhauls traffic camera network after WannaCry
  The Victorian government has announced an overhaul of its traffic and speed camera network following infection from WannaCry in June.
  
• Securitychkr
  Use securitychkr to keep tabs on your firewall continuously -- it alerts immediately on either port open, or closed, or both, for any...
  
• C3 IoT, Intel partner to offer software and hardware optimized for AI
  The companies are offering the AI Appliance, which is designed for customers building on-premise, hybrid and edge-based AI and IoT applications.
  
• Why even the best free VPNs are not a risk worth taking
  Here's a question. If you're not paying for your VPN service, where is the provider getting the money to run it? The answer might cause you to lose some sleep.
  
• How Stitch Fix uses machine learning to master the science of styling
  For Stitch Fix, machine learning has delivered measurable results, including increased revenue, decreased costs, and boosts to customer satisfaction.
  

• Researchers Say More Spectre-Related CPU Flaws On Horizon
  Yet another speculative execution side channel flaw has been disclosed in processors - and security experts warn that more may be out there.
  
• Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical
  A pen-tester has found five vulnerabilities in Dell EMC RecoverPoint devices, including a critical RCE that could allow total system compromise.
  
• Comcast Patches Router Bug That Leaked Some Wi-Fi Passwords
  A bug in Comcast’s activation website for its Xfinity routers leaked sensitive customer data.
  
• Intel Responds to Spectre-Like Flaw In CPUs
  Intel on Monday acknowledged that its processors are vulnerable to another Spectre-like speculative execution side channel flaw that could allow attackers to access information.
  
• Malicious PHP Script Infects 2,400 Websites in the Past Week
  A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites.
  
• TeenSafe Tracking App Exposes Thousands of Private Records
  Records for a mobile app that parents can use to monitor what their kids are doing online has been exposed in the latest Amazon Web Services cloud misconfiguration.
  
• Roaming Mantis Swarms Globally, Spawning iOS Phishing, Cryptomining
  Analysis shows that the malware, previously a banking trojan focused on Android devices, has rapidly evolved just in the past month.
  
• Wicked Botnet Uses Passel of Exploits to Target IoT
  The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers.
  
• Hurdles Remain After Senate Votes To Restore Net Neutrality
  The U.S. Senate gave the nod to restoring the 2015 Open Internet Order, putting net neutrality on the fast track to a House vote.
  
• Latin American ‘Biñeros’ Bond Over Fraudulent Purchase Scheme
  A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely as possible.