General Cyber News via Ars Technica Risk Assessment

Republicans storm ultra-secure “SCIF,” some with cell phones blazing [Update]

Lawmakers flout strict rules designed to prevent eavesdropping by adversaries.
Publish Date: 10/23/2019
read more -->

Why big ISPs aren’t happy about Google’s plans for encrypted DNS

DNS over HTTPS will make it harder for ISPs to monitor or modify DNS queries.
Publish Date: 9/30/2019
read more -->

New clues show how Russia’s grid hackers aimed for physical destruction

2016 Russian cyberattack on Ukraine intended to cause far more damage than it did.
Publish Date: 9/14/2019
read more -->

600,000 GPS trackers for people and pets are using 123456 as a password

A lack of encryption and easily enumerated IDs open users to a host of creepy attacks.
Publish Date: 9/5/2019
read more -->

Google Play app with 100 million downloads executed secret payloads

The sad, impractical truth about Android app security in 2019.
Publish Date: 8/27/2019
read more -->

Self-driving car service open sources new tool for securing firmware

FwAnalyzer provides continuous automated analysis of firmware images.
Publish Date: 8/7/2019
read more -->

Judge allows suit against AT&T after $24 million cryptocurrency theft

It's usually not possible to reverse fraudulent cryptocurrency transactions.
Publish Date: 7/23/2019
read more -->

Tech firms “can and must” put backdoors in encryption, AG Barr says

He's tired of "dogmatic announcements that lawful access simply cannot be done."
Publish Date: 7/23/2019
read more -->

Silent Mac update nukes dangerous webserver installed by Zoom

Fix also requires users to confirm they want to join a Zoom conference.
Publish Date: 7/10/2019
read more -->

Microsoft OneDrive gets a more secure Personal Vault, plus additional storage options

Microsoft is adding a protected section to its cloud storage.
Publish Date: 6/25/2019
read more -->

The clever cryptography behind Apple’s “Find My” feature

You can track down your stolen MacBook, but no one else can—not even Apple.
Publish Date: 6/6/2019
read more -->

Windows 10 May 2019 Update now rolling out to everyone… slowly

Unless you explicitly want it installed, you probably won't get this update.
Publish Date: 5/21/2019
read more -->

>20,000 Linksys routers leak historic record of every device ever connected

Linksys said it fixed flaw in 2014. Researcher Troy Mursch disagrees.
Publish Date: 5/18/2019
read more -->

The radio navigation planes use to land safely is insecure and can be hacked

Radios that sell for $600 can spoof signals planes use to find runways.
Publish Date: 5/15/2019
read more -->

New speculative execution bug leaks data from Intel chips’ internal buffers

Intel-specific vulnerability was found by researchers both inside and outside the company.
Publish Date: 5/14/2019
read more -->

Bloomberg alleges Huawei routers and network gear are backdoored

Details are scarce, but the "backdoor" appears to be benign.
Publish Date: 4/30/2019
read more -->

Password1, Password2, Password3 no more: Microsoft drops password expiration rec

For years, Microsoft's baseline security policy has expired passwords after 60 days.
Publish Date: 4/25/2019
read more -->

McAfee joins Sophos, Avira, Avast—the latest Windows update breaks them all

A range of fixes and workarounds have been published.
Publish Date: 4/19/2019
read more -->

Hackers could read non-corporate, Hotmail for six months

Hackers and Microsoft seem to disagree on key details of the hack.
Publish Date: 4/15/2019
read more -->

To catch a drug thief, hospital secretly recorded births, women’s surgeries

81 women claim their privacy was violated as hospital tried to trap a drug thief.
Publish Date: 4/3/2019
read more -->