General Cyber News via Ars Technica Risk Assessment

Why big ISPs aren’t happy about Google’s plans for encrypted DNS

DNS over HTTPS will make it harder for ISPs to monitor or modify DNS queries.
Publish Date: 9/30/2019
read more -->

New clues show how Russia’s grid hackers aimed for physical destruction

2016 Russian cyberattack on Ukraine intended to cause far more damage than it did.
Publish Date: 9/14/2019
read more -->

600,000 GPS trackers for people and pets are using 123456 as a password

A lack of encryption and easily enumerated IDs open users to a host of creepy attacks.
Publish Date: 9/5/2019
read more -->

Google Play app with 100 million downloads executed secret payloads

The sad, impractical truth about Android app security in 2019.
Publish Date: 8/27/2019
read more -->

Self-driving car service open sources new tool for securing firmware

FwAnalyzer provides continuous automated analysis of firmware images.
Publish Date: 8/7/2019
read more -->

Judge allows suit against AT&T after $24 million cryptocurrency theft

It's usually not possible to reverse fraudulent cryptocurrency transactions.
Publish Date: 7/23/2019
read more -->

Tech firms “can and must” put backdoors in encryption, AG Barr says

He's tired of "dogmatic announcements that lawful access simply cannot be done."
Publish Date: 7/23/2019
read more -->

Silent Mac update nukes dangerous webserver installed by Zoom

Fix also requires users to confirm they want to join a Zoom conference.
Publish Date: 7/10/2019
read more -->

Microsoft OneDrive gets a more secure Personal Vault, plus additional storage options

Microsoft is adding a protected section to its cloud storage.
Publish Date: 6/25/2019
read more -->

The clever cryptography behind Apple’s “Find My” feature

You can track down your stolen MacBook, but no one else can—not even Apple.
Publish Date: 6/6/2019
read more -->

Windows 10 May 2019 Update now rolling out to everyone… slowly

Unless you explicitly want it installed, you probably won't get this update.
Publish Date: 5/21/2019
read more -->

>20,000 Linksys routers leak historic record of every device ever connected

Linksys said it fixed flaw in 2014. Researcher Troy Mursch disagrees.
Publish Date: 5/18/2019
read more -->

The radio navigation planes use to land safely is insecure and can be hacked

Radios that sell for $600 can spoof signals planes use to find runways.
Publish Date: 5/15/2019
read more -->

New speculative execution bug leaks data from Intel chips’ internal buffers

Intel-specific vulnerability was found by researchers both inside and outside the company.
Publish Date: 5/14/2019
read more -->

Bloomberg alleges Huawei routers and network gear are backdoored

Details are scarce, but the "backdoor" appears to be benign.
Publish Date: 4/30/2019
read more -->

Password1, Password2, Password3 no more: Microsoft drops password expiration rec

For years, Microsoft's baseline security policy has expired passwords after 60 days.
Publish Date: 4/25/2019
read more -->

McAfee joins Sophos, Avira, Avast—the latest Windows update breaks them all

A range of fixes and workarounds have been published.
Publish Date: 4/19/2019
read more -->

Hackers could read non-corporate Outlook.com, Hotmail for six months

Hackers and Microsoft seem to disagree on key details of the hack.
Publish Date: 4/15/2019
read more -->

To catch a drug thief, hospital secretly recorded births, women’s surgeries

81 women claim their privacy was violated as hospital tried to trap a drug thief.
Publish Date: 4/3/2019
read more -->

Woman from China, with malware in tow, illegally entered Trump’s Mar-a-Lago

Event raises serious questions about security practices of the US Secret Service.
Publish Date: 4/3/2019
read more -->