General Cyber News via Ars Technica Risk Assessment

Cryptography failure leads to easy hacking for PlayStation Classic

Plug-and-play hardware lacks even basic functional security for crucial bootrom.
Publish Date: 12/10/2018
read more -->

Marriott breach leaves 500 million exposed with passport, card numbers stolen

Motivations of hackers are unclear, but proprietary Wi-Fi may have been a target.
Publish Date: 11/30/2018
read more -->

Now it’s Office’s turn to have a load of patches pulled

Two patches pulled altogether; another is known to cause crashes but should be used anyway.
Publish Date: 11/20/2018
read more -->

Spectre, Meltdown researchers unveil 7 more speculative execution attacks

Systematic analysis reveals a range of new issues and a need for new mitigations.
Publish Date: 11/14/2018
read more -->

Windows 10 October 2018 Update is back, this time without deleting your data

Microsoft is opening up about some of its testing procedures, too.
Publish Date: 11/13/2018
read more -->

Another Windows 0-day flaw has been published on Twitter

And on GitHub there's a proof-of-concept that'll render your system unbootable.
Publish Date: 10/24/2018
read more -->

How to make elections secure in the age of digital operatives

Former Facebook CSO Alex Stamos tells us what he learned in 2016 and what comes next.
Publish Date: 10/24/2018
read more -->

Meet Helm, the startup taking on Gmail with a server that runs in your home

Fee-based service couples the security of a private server with the reliability of the cloud.
Publish Date: 10/17/2018
read more -->

Apple, Google, Microsoft, and Mozilla come together to end TLS 1.0

Almost everyone has now migrated to TLS 1.2, and a few have moved to TLS 1.3.
Publish Date: 10/16/2018
read more -->

Already facing an uphill misinformation fight, Facebook loses to scammers, too

Facebook's focus on misinformation is leaving an opening for another type of scam.
Publish Date: 10/16/2018
read more -->

Apple to Congress: Chinese spy-chip story is “simply wrong”

"Our internal investigations directly contradict every consequential assertion."
Publish Date: 10/8/2018
read more -->

Bloomberg: Super Micro motherboards used by Apple, Amazon contained Chinese spy chips

Super Micro, Amazon, and Apple deny everything in the report.
Publish Date: 10/4/2018
read more -->

Google taking new steps to prevent malicious Chrome extensions

Company plans stricter rules for developers and greater control for users.
Publish Date: 10/2/2018
read more -->

Google backtracks—a bit—on controversial Chrome sign-in feature

Privacy-conscious users were unhappy at being signed in to browser without consent.
Publish Date: 9/27/2018
read more -->

Microsoft offers completely passwordless authentication for online apps

Phone-based authentication is the way forward instead.
Publish Date: 9/24/2018
read more -->

New modification of the old cold boot attack leaves most systems vulnerable

The defenses put in place to thwart the 2008 attack turn out to be very weak.
Publish Date: 9/13/2018
read more -->

Georgia says switching back to all-paper voting is logistically impossible

In Curling v. Kemp, both sides are set to duke it out in court on Wednesday.
Publish Date: 9/12/2018
read more -->

Windows 10 support extended again: September releases now get 30 months

And Microsoft is offering enterprises dedicated app compatibility support.
Publish Date: 9/6/2018
read more -->

Google wants to get rid of URLs but doesn’t know what to use instead

Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible.
Publish Date: 9/5/2018
read more -->

Microsoft obliquely acknowledges Windows 0-day bug published on Twitter

Flaw allows a local user to obtain System privileges.
Publish Date: 8/29/2018
read more -->