CISO with a small security team? Learn from your peers’ experience with this free e-book

December 2nd, 2020
by The Feeder
CISOs with small security teams hold an intensive juggling act. They're responsible for sustaining the company's security resilience, ensuring compliance is adhered to and implementing privacy controls. In between these tasks, they need to follow up on board updates, lead cross-team communications and collaboration, and fight fires that may or may not be related to cybersecurity. All the while,

Posted in Uncategorized | Comments (0)

Google Hacker Details Zero-Click ‘Wormable’ Wi-Fi Exploit to Hack iPhones

December 2nd, 2020
by The Feeder
Google Project Zero whitehat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "view all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device]

Posted in Uncategorized | Comments (0)

CDC experts voted: Here’s who should get the first COVID-19 vaccine doses

December 2nd, 2020
by The Feeder
Vials with COVID-19 Vaccine labels showing logos of pharmaceutical company Pfizer and German biotechnology company d BioNTech.

Enlarge / Vials with COVID-19 Vaccine labels showing logos of pharmaceutical company Pfizer and German biotechnology company d BioNTech. (credit: Getty | Photonews)

The very first doses of any approved COVID-19 vaccine should go to both front-line healthcare workers and residents of long-term care facilities, a committee of expert advisors for the Centers for Disease Control and Prevention recommended in an emergency meeting Tuesday evening.

The committee’s recommendation now moves to CDC director Robert Redfield for approval before it becomes official federal guidance. And, ultimately, states will make their own final decisions on how to distribute the first coveted shipments of vaccine vials.

Still, the committee—the Advisory Committee on Immunization Practices (ACIP)—has for decades set such vaccine policy recommendations and states are likely eager to have its guidance settled as they try to finalize their plans. States have only until this coming Friday, December 4, to place their first vaccine orders with the federal government. The orders will determine which facilities in each state will get vaccine shipments and how much vaccine each facility will receive out of their state's limited allotment.

Read 15 remaining paragraphs | Comments

Posted in ACIP, CDC, immunization, Infectious disease, public health, science, vaccine | Comments (0)

iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

December 2nd, 2020
by The Feeder
The screen on the iPhone 12 Pro Max

Enlarge / That's a lot of screen. (credit: Samuel Axon)

Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable—meaning radio-proximity exploits could spread from one near-by device to another, once again, with no user interaction needed.

This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research arm. In a 30,000-word post published on Tuesday afternoon, Beer described the vulnerability and the proof-of-concept exploit he spent six months developing single handedly. Almost immediately, fellow security researchers took notice.

Beware of dodgy Wi-Fi packets

“This is a fantastic piece of work,” Chris Evans, a semi-retired security researcher and executive and the founder of Project Zero, said in an interview. “It really is pretty serious. The fact you don’t have to really interact with your phone for this to be set off on you is really quite scary. This attack is just you’re walking along, the phone is in your pocket, and over Wi-Fi someone just worms in with some dodgy Wi-Fi packets.”

Read 6 remaining paragraphs | Comments

Posted in apple, Biz & IT, exploits, iOS, iphone, Tech, vulnerabilities, wi-fi | Comments (0)

Unmanaged Devices Heighten Risks for School Networks

December 2nd, 2020
by The Feeder
Gaming consoles, Wi-Fi Pineapples, and building management systems are among many devices Armis says it discovered on K-12 school networks.

Posted in Uncategorized | Comments (0)

Online OpSec: Threat models and tools for staying safe, private and informed while Online, used by the average person (edited daily, feedback encouraged)

December 1st, 2020
by The Feeder
submitted by /u/devbret_
[link] [comments]

Posted in netsec | Comments (0)

Not Even William Barr Buys Trump’s Election Nonsense

December 1st, 2020
by The Feeder
The attorney general has long been one of the president’s chief apologists. Not this time.

Posted in not rigged, security, Security / National Security | Comments (0)

Exterminate! BBC drops trailer for Revolution of the Daleks special

December 1st, 2020
by The Feeder

Jodie Whittaker's Doctor is a prisoner of the Judoon in Doctor Who: Revolution of the Daleks, a holiday special that will air on New Year's Day 2021.

The series 12 finale of Doctor Who back in March ended on a cliffhanger, with Jodie Whittaker's Thirteenth Doctor imprisoned and her loyal companions (or "fam") back on Earth without her. Fortunately, we don't have much longer to wait to find out what happens. The BBC dropped the official trailer for the upcoming holiday special, Revolution of the Daleks, slated to air on New Year's Day.

(Spoilers for S12 below.)

As I noted in my review earlier this year, series 12 felt like classic Doctor Who, to the delight of longtime fans disappointed by Whittaker's first outing. (I thought that first outing was solid and showed a lot of promise.) In the episode "Fugitive of the Judoon," the Doctor encountered the intergalactic police force-for-hire, the Judoon (introduced in the series three episode "Smith and Jones"). The Judoon were supposedly hunting a man who lived in Gloucester with his wife, Ruth (Jo Martin). But their true target turned out to be Ruth, who recovered lost memories and declared herself to be the Doctor, with her own buried blue police box TARDIS. Yet neither Doctor had any recollection of the other.

Read 9 remaining paragraphs | Comments

Posted in BBC, BBC America, Doctor Who, Entertainment, Gaming & Culture, jodie whittaker, Revolution of the daleks, Television | Comments (0)

Salesforce acquires Slack for $27.7 billion

December 1st, 2020
by The Feeder
Slack logo floats in a cartoon sea.

Enlarge / Slack is evaporating into the Salesforce cloud, you could say. (credit: Aurich Lawson)

Salesforce, a cloud-services company that targets businesses, has announced that it will acquire workplace communication service Slack for $27.7 billion. The announcement follows a week of rumors and a steep bump in Slack's value on the stock market in anticipation of the deal being made official.

Neither company has yet to announce in any detail what this will mean for users and customers. Salesforce is sure to include Slack in some of its broader bundles and, to more tightly integrate Slack with its other software services, "Slack will be deeply integrated into every Salesforce Cloud" and will become "the new interface for Salesforce Customer 360," the press release says.

But anything else beyond that is speculation at this point. New features and development priorities or adjusted pricing models are possibilities, but we also don't yet know when any user-relevant changes related to this acquisition will actually take place, either.

Read 7 remaining paragraphs | Comments

Posted in acquisition, Marc Benioff, microsoft, Microsoft Teams, Salesforce, slack, Stewart Butterfield, Tech | Comments (0)

Inside North Korea’s Rapid Evolution to Cyber Superpower

December 1st, 2020
by The Feeder
Researchers examine North Korea's rapid evolution from destructive campaigns to complex and efficient cyber operations.

Posted in Uncategorized | Comments (0)