Recent Posts

Apple Health Data Used in German Murder Trial

Apple Health Data Used in German Murder Trial

It was reported that data from Apple’s Health App had provided crucial evidence in a recent trial involving a refugee accused of rape and murder. The police suggested that the steps recorded by the Health App in the suspect’s phone may help confirm his activity. Hussein K, the accused, is said to have dragged his victim down the River Dresiam and climbed back up. The refugee admitted to only some of the details in the rape and murder of 19-year old medical student Maria Ladenburger which happened in October 2016.      Source: BBC

Chinese Govt Takes Down Marriott Website for Tibet, Taiwan Mistake

Chinese Govt Takes Down Marriott Website for Tibet, Taiwan Mistake

China recently shut down the local websites of Marriott International for listing Tibet, Taiwan, Hong Kong and Macau as individual nations and accused the multinational hotel company of supporting separatist movements. The government also said that one of Marriott’s social media accounts had liked a post by a group supporting the the Tibetan separatist movement. Shanghai Cyberspace Administration immediately issued an order to close down the Mandarin version website of Marriott, as well as its app. The international website however, is still up. In response, Marriott CEO Arne Sorenson apologized last Thursday and reiterated that the hotel group “respects and […]

Major Intel AMT Security Flaw Discovered, Allows Bypass of BIOS & Bitlocker Passwords

Major Intel AMT Security Flaw Discovered, Allows Bypass of BIOS & Bitlocker Passwords

A researcher from F-Secure recently found a flaw in Intel’s Active Management Technology (AMT) which can allow an attacker to bypass security measures such as BIOS passwords, BitLocker credentials, and TPM pins. The security bug can be used by attackers to gain access to corporate computers provisioned with Intel AMT, which is a CPU feature that allows system admins to perform remote out-of-band management without needing physical access to the device. The researcher, Harry Sintonen said that the attacker can select the Intel Management Engine BIOS Extension (MEBx) for the boot-up routine, to  bypass any previous BIOS, BitLocker, or TPM […]

Google Releases New Meltdown-Spectre Fix, Claims No Performance Degradation

Google Releases New Meltdown-Spectre Fix, Claims No Performance Degradation

Google says that its newly released Retpoline fix for the Variant 2 of the Spectre security flaw will not cause any significant performance degradation compared to fixes from other manufacturers. The fix is said to address the most difficult vulnerability, according to both Microsoft and Google. Intel even confirmed last Thursday that their fix may cause an impact on performance, and results may vary based on the specific workload, platform configuration and mitigation technique. Meanwhile, VP of Google’s 24×7 Ben Treynor Sloss says that their patch has been proven to be stable since they have yet to receive a support […]

Investors Not Happy with New Facebook Changes

Investors Not Happy with New Facebook Changes

Last Friday, Facebook shares slid down more than 4% as CEO Mark Zuckerberg announced changes to the platform that may translate to a negative impact on user engagement. Zuckerberg said that they will be adjusting the News Feed to display more from the user’s family and friends while reducing non-ad posts from businesses and brands. In a research note, Stifel analyst Scott Devitt said that he is changing his recommendation from “buy” to “hold” since there’s too much uncertainty surrounding the economic impact of Facebook’s recent decision. However, some hedge funds took advantage of the price drop to add to […]

Ant Financial Censured by China’s Cyber Watchdog Over Privacy Issue

Ant Financial Censured by China’s Cyber Watchdog Over Privacy Issue

It was been reported that the Cyberspace Administration of China (CAC) had berated Alibaba’s payment affiliate, Ant Financial, for compromising the privacy of Alipay service users who got enrolled automatically into the company’s credit scoring system without their consent. Some users were apparently unaware that they had to uncheck an opt out button on a financial analysis feature by Alipay. Data of users who did not opt out were collected by Sesame Credit and shared with its partners for analysis.   Nie Zhengjun, Ant Financial’s chief privacy officer, apologized for the breach and said that the company had already initiated […]

Chatham House Warns Cyberattack Could Lead to Nuclear Strike

Chatham House Warns Cyberattack Could Lead to Nuclear Strike

A London-based think tank, Chatham House, recently warned that aging and unsophisticated technology such as nuclear weapons systems may be triggered by cyber attacks. The think tank added that cyberattacks on such systems could cause escalations during times of heightened tension. The comments were made in relation to the increasing US concern on North Korea’s use of cyber attacks alongside traditional weapons. The rogue regime is considered to be on of the world’s most dangerous cyber actors and is being suspected as the perpetrators behind the 2014 Sony hack.   Source: NBC News

Conflicting Reports on South Korean Cryptocurrency Ban Shakes Up Markets

Conflicting Reports on South Korean Cryptocurrency Ban Shakes Up Markets

Last Thursday, conflicting reports from South Korea on a possible ban on cryptocurrency was said to have contributed to a massive sell off driven by FUD (fear, uncertainty, doubt). Reuters had initially reported that the country’s Justice Minister, Park Sang-ki, revealed the planned ban in a press conference. However, South Korea-based Cointelegraph reporter Joseph Young tweeted that the South Korean Ministry of Strategy and Finance did not agree with the decision, citing local sources. Young also clarified that the “raids” of authorities on local exchanges reported by Reuters and other mainstream media outlets were highly exaggerated and were in fact […]

Bad App Design May Compromise Industrial Control Systems

Bad App Design May Compromise Industrial Control Systems

In a blog post entitled SCADA and Mobile Security in the Internet of Things, Analysts from IOActive and Embedi recently suggested that most mobile applications used for controlling internet-connected SCADA (industrial control and supervisory control and data acquisition) are being made without giving much thought to security. This can compromise systems used to control facilities such as nuclear power plants. Director of advisory services at IOActive Jason Larsen said that such apps are being built with the same rapid development mindset adopted by most mobile devs, instead of the measured and tested development employed in industrial control. The researchers found […]

Second Meltdown Fix for Ubuntu Released  

Second Meltdown Fix for Ubuntu Released  

After receiving reports that the initial Meltdown fix released last Tuesday had caused some Ubuntu systems not to boot, Canonical immediately released a second version last Wednesday, along with a security notice. The company behind the popular Linux distro apologized and confirmed in a post that the Meltdown fix was indeed responsible for the booting issue on Ubuntu 16.04 LTS Xenial machines. However, the second update proved to have addressed the issue completely, according to several users who wrote on the Ubuntu forums. VP of Ubuntu product development for Canonical Dustin Kirkland also tweeted that the fix for the Spectre […]