General Cyber News via Ars Technica Risk Assessment

Self-driving car service open sources new tool for securing firmware

FwAnalyzer provides continuous automated analysis of firmware images.
Publish Date: 8/7/2019
read more -->

Judge allows suit against AT&T after $24 million cryptocurrency theft

It's usually not possible to reverse fraudulent cryptocurrency transactions.
Publish Date: 7/23/2019
read more -->

Tech firms “can and must” put backdoors in encryption, AG Barr says

He's tired of "dogmatic announcements that lawful access simply cannot be done."
Publish Date: 7/23/2019
read more -->

Silent Mac update nukes dangerous webserver installed by Zoom

Fix also requires users to confirm they want to join a Zoom conference.
Publish Date: 7/10/2019
read more -->

Microsoft OneDrive gets a more secure Personal Vault, plus additional storage options

Microsoft is adding a protected section to its cloud storage.
Publish Date: 6/25/2019
read more -->

The clever cryptography behind Apple’s “Find My” feature

You can track down your stolen MacBook, but no one else can—not even Apple.
Publish Date: 6/6/2019
read more -->

Windows 10 May 2019 Update now rolling out to everyone… slowly

Unless you explicitly want it installed, you probably won't get this update.
Publish Date: 5/21/2019
read more -->

>20,000 Linksys routers leak historic record of every device ever connected

Linksys said it fixed flaw in 2014. Researcher Troy Mursch disagrees.
Publish Date: 5/18/2019
read more -->

The radio navigation planes use to land safely is insecure and can be hacked

Radios that sell for $600 can spoof signals planes use to find runways.
Publish Date: 5/15/2019
read more -->

New speculative execution bug leaks data from Intel chips’ internal buffers

Intel-specific vulnerability was found by researchers both inside and outside the company.
Publish Date: 5/14/2019
read more -->

Bloomberg alleges Huawei routers and network gear are backdoored

Details are scarce, but the "backdoor" appears to be benign.
Publish Date: 4/30/2019
read more -->

Password1, Password2, Password3 no more: Microsoft drops password expiration rec

For years, Microsoft's baseline security policy has expired passwords after 60 days.
Publish Date: 4/25/2019
read more -->

McAfee joins Sophos, Avira, Avast—the latest Windows update breaks them all

A range of fixes and workarounds have been published.
Publish Date: 4/19/2019
read more -->

Hackers could read non-corporate, Hotmail for six months

Hackers and Microsoft seem to disagree on key details of the hack.
Publish Date: 4/15/2019
read more -->

To catch a drug thief, hospital secretly recorded births, women’s surgeries

81 women claim their privacy was violated as hospital tried to trap a drug thief.
Publish Date: 4/3/2019
read more -->

Woman from China, with malware in tow, illegally entered Trump’s Mar-a-Lago

Event raises serious questions about security practices of the US Secret Service.
Publish Date: 4/3/2019
read more -->

How Microsoft found a Huawei driver that opened systems to attack

Monitoring systems were looking for attacks using technique popularized by the NSA.
Publish Date: 3/26/2019
read more -->

Microsoft ships antivirus for macOS as Windows Defender becomes Microsoft Defender

Microsoft is expanding the reach of its device management services.
Publish Date: 3/21/2019
read more -->

Google, Microsoft work together for a year to figure out new type of Windows flaw

Researcher finds building blocks for privilege escalation: Can they be assembled to create a flaw?
Publish Date: 3/18/2019
read more -->

Epic says its Game Store is not spying on you

But Sweeney says it will stop accessing Steam friends lists without permission.
Publish Date: 3/15/2019
read more -->