The CyberWire Daily Briefing 2.11.19

Cyber Attacks, Threats, and Vulnerabilities

AP Exclusive: Undercover spy exposed in NYC was 1 of many (AP NEWS) When mysterious operatives lured two cybersecurity researchers to meetings at luxury hotels over the past two months, it was an apparent bid to discredit their research about an Israeli company that makes smartphone hacking technology used by some governments to spy on their citizens. The Associated Press has now learned of similar undercover efforts targeting at least four other individuals who have raised questions about the use of the Israeli firm's spyware.

Here’s how Russia could still sabotage Macedonia’s plans to join NATO (Defense News) North Macedonia wants to become NATO's 30th member before the year is over. Russia doesn't want that to happen.

Norwegian security firm thwarts state-sponsored attack by APT10 (Security Brief) Norwegian cybersecurity firm Visma is accusing a Chinese state-sponsored attack group (APT10) of allegedly attacking their systems and engaging in cyberespionage.

Australia probing role of China-based hackers behind Parliament attack (Business Standard) Australian security agencies are reportedly probing the role of China-sponsored cyber criminals behind last week's security breach of Parliament's computing network.

China link possible in cyber attack on Australian Parliament computer system (Radio New Zealand) Australia's security agencies are investigating a cyber breach of the Federal Parliament's computer network that the ABC understands is likely the result of a foreign government attack.

Experts comment on Aus Parliament breach (Security Brief) Late last week, Australian security agencies reported they were looking into a security breach of the Federal Parliament’s network..

Instagram data from 14 million profiles found in unsecured database, researcher says (CyberScoop) Information about more than 14 million Instagram accounts is being kept in an unsecured database that could render users vulnerable to hackers.

Admiral: ‘With Russia, Anything’s Possible’ (VOA) New head of U.S. Southern Command on Venezuela, what’s going on in ‘our neighborhood’

Venezuelan Foreign Ministry under cyber attacks (New Kerala) The Venezuelan embassy in Moscow on Thursday reported that the websites of Venezuelan Foreign Ministry in various countries across the globe were under threat of cyber attacks.

First clipper malware discovered on Google Play (WeLiveSecurity) Cryptocurrency stealers that replace a wallet address in the clipboard are no longer limited to Windows or shady Android app stores

Watch Out For New Ransomware Called Phobos (neoRhino) There's a new strain of ransomware making the rounds, and it's a nasty piece of work. Called Phobos by its creators, the latest threat on the ...

Major Security Breach Found in Hospital and Supermarket Refrigeration Systems (Safety Detective) Major security breach uncovered in temperature control system of hospital and supermarket chains including Marks & Spencer, Ocado, Way-on, and others.

Android vulnerabilities open Pie to booby-trapped image attacks (Naked Security) A trio of bugs could have opened Android 7, 8 and 9 to remote attackers wielding booby-trapped image files. Here’s what you need to know…

Active Directory Attack | AD Security Vulnerabilities | Exchange Authentication (Insider Threat Security Blog) A new Exchange attack has been posted that exploits how Exchange uses NTLM over HTTP to authenticate to the AD Domain. Click for complete details.

Trojan Targeting Only Italian Machines Contains Cheeky Mario Image (Computer Business Review) Security researchers at virtualization-based security enterprise Bromium have encountered a cheeky Super Mario reference within...

Super Mario Oddity (Security Boulevard) A few days ago, I was investigating a sample piece of malware where our static analysis flagged a spreadsheet as containing a Trojan but the behavioural trace showed very little happening. This is quite common for various reasons, but one of the quirks of how we work at Bromium is that we care about getting malware to run and The post Super Mario Oddity appeared first on Bromium.

Coinminer Targets Linux, Kills Competition to Maximize Profits (BleepingComputer) A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine.

Get-rich-quick social media scams are turning teens into money mules (Naked Security) Young people are being talked into handing over their bank details with the promise of some easy cash.

How Bezo's d[**]k pics might've been exposed (Security Boulevard) In the news, the National Enquirer has extorted Amazon CEO Jeff Bezos by threatening to publish the sext-messages/dick-pics he sent to his mistress. How did the National Enquirer get them? There are rumors that maybe Trump's government agents or the "deep state" were involved in this sordid mess. The more likely explanation is that it was a simple hack.

Warning: ‘Emotet’ computer virus circulating throughout Michigan (The Voice) Michigan State Police is warning residents about a malicious email campaign circulating throughout the state

Eight-year-olds are at risk of sexual exploitation on apps like Tik Tok, charity warns (The Telegraph) British children as young as eight are at risk of being sexually exploited on popular video sharing sites such as Tik Tok, children's charity Barnardo's has warned.

Wells Fargo Systems Issues Linger For Second Day (Wall Street Journal) Wells Fargo scrambled to deal with a systems problem that hampered the bank’s online and mobile banking platforms Thursday and Friday. The bank has been restoring operations and is extending branch hours to handle customer questions about the issues.

Security Patches, Mitigations, and Software Updates

Google Improves Android Encryption with Adiantum (SecurityWeek) Google has announced Adiantum, a new form of encryption aimed at Android devices without cryptographic acceleration.

Cyber Trends

Microsoft: Watch out for zero days; deferred patches, not so much (Computerworld) Yesterday’s Blue Hat IL presentation from MSRC shows that, in 2017-18, the threat from zero days far exceeds the threat of delaying patches by 30 days. Moreover, the vast majority of zero days are used in targeted attacks, not in public attacks.

Study Analyzes the Challenges and Concerns for IT/OT Convergence (Industrial Control Systems (ICS) Cyber Security Conference) There are several concerns that need to be addressed to achieve convergence between information technology (IT), operational technology (OT), and industrial internet of things (IIoT).

Cryptomining, Malware-as-a-service on the rise: Check Point Report (Moneycontrol) The report highlights democratization of cyber-crime through malware-as-a-service, and biggest cyber-threats perceived by organizations

Average DDoS attack volumes grew by 194% in 12 months (Help Net Security) Link11 has revealed that the volume and complexity of attacks continued to grow in Europe during the final quarter of 2018.

There's a growing disconnect between data privacy expectations and reality (Help Net Security) RSA Security researchers have discovered a growing disconnect between data privacy expectations and reality. Loss of customer trust is inevitable.

Google head of internet security says businesses should ignore scare stories and learn from history (CNBC) In an exclusive conversation with CNBC, Google's head of security and privacy says businesses have more to learn about their own insecurity.

How a tiny country bordering Russia became one of the most tech-savvy societies in the world (CNBC) As governments around the world wrestle with challenges from technology including data collection, artificial intelligence and cyber threats, Estonia might offer a blueprint for how to build a digital society.

Facebook 'delusion' can't replace religion, says Church of England bishop as social network's numbers surpass Christianity (The Telegraph) The idea that Facebook can replace religious communities is “a delusion”, a Church of England bishop has said, as the social network surpasses global Christianity in numbers.

Church of England attacks 'irresponsible' social media companies amid claims of children being harmed (The Telegraph) The Church of England has criticised “irresponsible” social media giants for failing to do enough to protect children from online “harms” including abuse, bullying and low self-esteem.

Marketplace

Australian managed cloud services market predicted to reach $2.8 billion in 2022 (CRN Australia) Demand will be driven by more critical workloads.

Huawei open to supervision by European governments and customers (Computing) Huawei's EU vice president says the company is open to any system of supervision by European governments over 5G hardware

Huawei "shocked or sometimes amused" by security allegations, will accept EU oversight (TechSpot) Liu says Europe is Huawei’s second home, and indeed it is. It’s the company’s second largest market in terms of sales, after China, they have some 12,000 employees there and thus far they’ve purchased $6.7 billion in goods and services…

China tech backlash seen benefiting higher-cost rivals (South China Morning Post) Concerns over the increasing market dominance of China’s tech giants have simmered over the years

Castle raises $9.2 million for AI that protects consumer apps from account takeovers (VentureBeat) Castle's technology helps prevent attempted account takeovers, whether they employ manual or automated methods, including credential stuffing.

Dell Is Selling Its Network Security Company SecureWorks (Gizchina.com) Dell is looking for a buyer for its 85% share of SecureWorks Corp, a U.S. provider of cybersecurity services. Its market value is close to ...

Dell seeks to sell cybersecurity SecureWorks to ease $50bln debt-pile (Financial World) The leading computer maker Dell Technologies, had been seeking potential sales opportunities for a cybersecurity company, SecureWorks Corp, a US cybersecurity provider

$132.73 Million in Sales Expected for Secureworks Corp (SCWX) This Quarter (Fairfield Current) Analysts forecast that Secureworks Corp (NASDAQ:SCWX) will report $132.73 million in sales for the current quarter, according to Zacks. Four analysts have made estimates for Secureworks’ earnings. The highest sales estimate is $133.00 million and the lowest is $132.53 million. Secureworks reported sales of $120.65 million during the same quarter last year, which indicates a […]

SecureWorks Corp. (SCWX) Plunges 8.6% on February 08 (Equities.com) SecureWorks Corp. (SCWX) had a rough trading day for Friday February 08 as shares tumbled 8.6%, or a loss of $-2.04 per share, to close at $21.68. After opening the day at $23.45, shares of

Carbonite to Unify Security and Data Protection by Acquiring Webroot (Security Boulevard) Carbonite has announced it will acquire Webroot to meld data protection and endpoint security, in a deal valued at $618.5 million.

Behind the deal: How Carbonite is acquiring Webroot (BizWest) Two major tech companies are coming together in an effort to protect technology users from both security breaches and the aftermath of losing data.

Labsec is a new company in Bury St Edmunds aiming to help businesses tackle cyber security (Bury Free Press) New cyber security company opens in Bury St Edmunds

EY boosts cyber credentials with new partner hire (ARN) EY has appointed Jacqui Kernot as partner of cyber security with the remit of building out the consultancy giant’s capabilities in Australia.

Products, Services, and Solutions

Ugandan Police strengthen the fight against crime with Gemalto Automated Biometric Identification System and LiveScan technology (CNBC Africa) New solution enables rapid capture of suspects’ biometric data – and accurate matching against central database and watchlists; Electronic LiveScan technology deployed in police stations and courts across the country; Police also trialing Mobile ID for ‘anytime, anywhere’ biometric identification.

Versasec unveils vSEC:CMS S-Series v5.4 (Help Net Security) Versasec rolled out the latest generation of its flagship identity and access management (IAM) solution, vSEC:CMS S-Series v5.4

Linksys, Trend Micro link for router-connected parental controls (Pickr) Not sure how you'll stop your kids from checking out all of the nasty things the internet has available? A service might just be available for your router. Provided your router is made by Linksys, that is.

Ping Intelligent Identity Platform enhanced with improved IT automation (Help Net Security) Ping Identity, the leader in Identity Defined Security, announced updates to its software products, including PingFederate, PingAccess and PingDirectory.

Idaptive unveils Next-Gen Access Cloud identity and access management platform (Help Net Security) Idaptive today unveiled the Next-Gen Access Cloud, its identity and access management platform built to help organizations secure access everywhere.

XebiaLabs announces Now certified XL Release app (Help Net Security) XebiaLabs announced that it has received certification of its new XL Release app integrating ServiceNow and the XebiaLabs DevOps Platform.

InfoSec Global (ISG) awarded FIPS 140-2 validation from the National Institute of Standards and Technology (NIST) (PR Newswire) ISG addresses application security and privacy requirements of the U.S. Federal Government and for the world's most secure organizations

Technologies, Techniques, and Standards

Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess (WIRED) The shutdown may have ended two weeks ago, but federal cybersecurity professionals will be coping with its impact for a long time to come.

What Every Cleared Professional Should Know about Publicly Available Electronic Information - ClearanceJobs (ClearanceJobs) INSA's new report offers an overview of the pitfalls and promises of PAEI and its use in security clearance continuous evaluation and vetting.

How Governments are Running Effective Bug Bounty Programs (Bugcrowd) If you’re reading this article, statistically speaking your organization might be getting hacked. In the private sector, the Equifax hack and Intel’s processor vulnerabilities took the mainstream media by storm. And over the past year, data breaches of U.S. government networks, once novel, have become pervasive. Take it from the Office of Personnel Management (OPM) or the IRS – no one is safe

Swiss government invites hackers to pen-test its e-voting system (ZDNet) Government also offers cash rewards worth as much as $30,000.

Russia to disconnect from the internet as part of a planned test (ZDNet) Russia's internet contingency plan gets closer to reality.

Microsoft extends free program to protect political campaigns from cyberattacks to Canada (TheHill) Microsoft has expanded a program meant to protect political candidates and groups to Canada, the company announced Thursday.

Democrats Already Have A Big 2020 Hacking Problem (BuzzFeed News) The Democratic National Committee, worried about appearing partial to a specific candidate, has not spoken directly with 2020 campaigns about cybersecurity.

How can we improve adoption and ROI on security investments? (Help Net Security) Getting businesses to improve adoption and ROI on security investments is crucial in order to stay ahead of cyber attackers.

Zero trust browsing: Protect your organization from its own users (Help Net Security) To the casual observer, the cyberattack landscape is constantly shifting. In recent years, the threats and scams have evolved from Nigerian princes to

Don’t Leave Your Doors Open - Secure Your APIs Now (Infosecurity Magazine) Organizations fail to effectively safeguard APIs and often see an influx of security threats as a result.

Design and Innovation

Lucky Star Voice Actor Kaori Fukuhara Voices Cyber Security Firewall Character (Anime News Network) Fukuhara will also appear at a cyber security information conference on March 2.

Research and Development

The struggle behind predicting a cyberattack (Fifth Domain) Government agencies, including the intelligence community and its research arm, increasingly want to predict cyber attacks through machine learning. But a new study casts doubt on the effectiveness of that technique.

China-EU 5G research to continue despite growing Huawei concerns (South China Morning Post) The joint project will go ahead as planned despite the Chinese tech giant’s involvement

Academia

UC Berkeley bans new research projects with Huawei after US indictments (South China Morning Post) The directive halting new Huawei funding took effect on January 30, two days after the US filed criminal charges against the telecoms equipment maker

Sonowal cautions bright students about perils of cyber crimes (The Shillong Times) Presenting laptop computers to meritorious students of the state who have passed the Class 10 standard examination with flying colours...

Northern Kentucky University’s Cyber Defense team dominates competition, winning for 2nd straight year (Northern Kentucky Tribune) Northern Kentucky University students continue to dominate the Collegiate Cyber Defense Competition, winning for the second straight year. NKU’s Cyber Defense team came in first place in the state C

Student gets creative with data accidentally blasted out by university (Naked Security) A university employee accidentally emailed a spreadsheet containing personal information on every one of the college’s 4,557 students.

Report: K-12 Schools Experienced 122 Cyber Attacks in 2018 (Campus Safety Magazine) A new report from the K-12 Cybersecurity Resource Center says a U.S. school district falls victim to a cyber attack as often as every three days.

Legislation, Policy and Regulation

Europe hopes to fend off election hackers with ‘cyber sanctions’ (POLITICO) Officials are finalizing a sanctions regime to punish hacks and attempted disruptions ahead of May’s vote.

Lithuania set to ban fake news from Russia (Deutsche Welle) Lithuanian lawmakers want to outlaw spreading distrust of the state and attempts to distort historical memory. Critics say the bill to crack down on disinformation equates investigative journalism with propaganda.

The Internet, Divided Between the U.S. and China, Has Become a Battleground (Wall Street Journal) As China and the West race for 5G dominance, two digital powers with very different approaches to technology are staking out their corners. Some Silicon Valley executives worry the divergence risks giving Chinese companies an advantage in new technologies.

Analysts determine Chinese law lets police hack online services and copy user data for 'security' (TechSpot) The new provisions supposedly have the goal of protecting Chinese citizens by letting the Ministry of Public Security (MPS) perform remote or on-site penetration testing and network analysis. They’re allowed to target any company that provides internet services in China…

China's cybersecurity law update lets state agencies 'pen-test' local companies (ZDNet) China draws up law that makes it perfectly legal to hack any internet-related company activating in its borders.

New UK laws will block China's Huawei from sensitive state... (Reuters) New laws on foreign investment in the UK will block Chinese firm Huawei from sen...

Pompeo visit to focus on U.S. concerns over Huawei in central Europe (Reuters) U.S. Secretary of State Mike Pompeo will voice concerns about the growing presen...

U.S. Campaign Against Huawei Faces Challenge in Eastern Europe (Wall Street Journal) Governments in Europe’s east, which have been courted by Beijing and promised investments, debate whether or not to ban Chinese tech giant Huawei.

Trump likely to sign executive order banning Chinese telecom equipment next week (POLITICO) The White House wants to highlight its commitment to telecom security ahead of a key wireless industry conference.

Will Trump Fan the Flames as Huawei Is Burned at the Stake? (Light Reading) An 'executive order' banning Chinese networking technology from US communications networks is imminent, according to Politico - such a posturing move would be bad for everyone.

Analysis | The Cybersecurity 202: William Barr would be at center of China hacking fight if confirmed (Washington Post) He would become attorney general amid a surge in Chinese cyber espionage.

Australian government works with Huawei despite 5G ban (The Sydney Morning Herald) A top Australian research body approved $1.5 million in grants to Huawei-linked projects and another federal institution has helped fund trips for students to Huawei facilities in China.

Analysis | The Cybersecurity 202: Trump gave the military freer rein for offensive hacking. Security experts say that’s a good idea. (Washington Post) We asked more than 100 security experts to weigh in.

Opinion | The U.S. military is quietly launching efforts to deter Russian meddling (Washington Post) U.S. Cyber Command doctrine moves us closer to Russia’s approach of treating cyberspace as part of a continuum of warfare.

US strikes back at Russia in cyberspace warfare (The Manila Times Online) With little public fanfare, US Cyber Command, the military’s new center for combating electronic attacks against the United States, has launched operations to deter and disrupt Russians who have been meddling with the US political system. Like other US cyberwar activities, this ef

Four principles to guide the US response to cyberattacks (Fifth Domain) Four principles should guide American decision makers in developing tough responses to other nations’ cyber provocations.

With New Appointment, State Department Ramps Up War Against Foreign Propaganda (Foreign Policy) Former Fox News correspondent and Navy veteran Lea Gabrielle to head long-troubled Global Engagement Center.

Senators want DHS to look into government use of foreign VPNs (FCW) Sens. Ron Wyden and Marco Rubio have asked the Cybersecurity and Infrastructure Security Agency to consider banning federal employees from using apps created by foreign companies, which they claim could contain spyware.

Cybersecurity Loses Brand-Name Billing in House Intelligence Shuffle (Meritalk) While there is no doubt that the House Intelligence Committee will continue to concern itself with relevant cybersecurity issues, that would not be obvious from this week’s announcement of changes to the panel’s subcommittee structure.

View Cyber Defenses Exactly the Same as Military (Newsmax) Technological advances in our modern world dictate that our cyber defenses should be viewed in the same vein as our military defenses. This shift in philosophy may one day save America from catastrophic disaster.

Merkel Opens Spy Agency's Massive New Berlin HQ (SecurityWeek) Chancellor Angela Merkel has inaugurated the new, fortress-like Berlin headquarters of Germany's scandal-plagued BND foreign intelligence service.

Gov't seeking to build out new JDF unit — Chang (Jamaica Observer) The Government is looking to further build out the Jamaica Defence Forc...

Tokyo 2020 organisers highlight measures being taken to prevent repeat of PyeongChang 2018 Winter Games cyber attack (Australasian Leisure Management) Tokyo 2020’s Technology Director Yuko Takeuchi has insisted that measures are being taken to prevent a repeat of the cyber attack that hit the Opening Ceremony of the PyeongChang 2018 Winter Olympic Games.

Athens At The Center Of European Cyber Security Strategy (Forbes) A new agreement keeps ENISA in Greece and opens the organization doors to more high - level tech personnel aiming to improve the cybersecurity strategy of the E.U.

Shield our children from this betting poison (Times) A 12-year-old drags on a Marlboro Red; an 11-year-old holds a lighter under a spoonful of crack; a ten-year-old sinks two pints of lager. Something in us recoils at the collision of innocence and...

Revealed: the child victims of Tinder, Grindr and other dating apps (Times) The failure of tech giants to enforce adult age limits on dating apps is placing a generation of children at risk of grooming and sexual exploitation, a Sunday Times investigation reveals today.

Privacy is a commons (TechCrunch) “The commons is the cultural and natural resources accessible to all members of a society,” quoth Wikipedia, “held in common, not owned privately.” We live in an era of surveillance capitalism in a symbiotic relationship with advertising technology, quoth me. And I put it to…

Huge Intel Leadership Shifts: New Directors For NRO, NGA (Breaking Defense) The low grading noise you could barely hear yesterday was the sound of the tectonic plates of American intelligence shifting as the National Geospatial Intelligence Agency and the National Reconnaissance Agency got new directors.

Here’s the leader of new combined intel and cyber office (Fifth Domain) The Air Force is organizing cyber effects within its existing ISR shop.

‘There’s going to be a fight here to weaken it’: Inside the lobbying war over California’s landmark privacy law (Washington Post) A landmark law adopted in California last year to rein in the data-collection practices of Facebook, Google and other tech giants has touched off a lobbying blitz that could water it down, potentially undermining new protections that might apply to Internet users across the country.

Litigation, Investigation, and Enforcement

AP sources: Prosecutors probing National Enquirer after Bezos report (Philly.com) The National Enquirer's alleged attempts to blackmail Amazon CEO Jeff Bezos could get the tabloid's parent company and top editors in deep legal trouble

Jeff Bezos Alleges American Media's Deputy General Counsel Attempted To Extort Him (New York Law Journal) Amazon CEO Jeff Bezos said American Media Inc. threatened to release personal photos of him if he did not comply with a set of demands. He published an email from the New York-based company's deputy general counsel Thursday.

National Enquirer denies trying to blackmail, extort Jeff Bezos (MarketWatch) The National Enquirer committed neither extortion nor blackmail by threatening to publish intimate photos of Amazon CEO Jeff Bezos, an attorney for the head of the tabloid’s parent company said Sunday.

American Media lawyer denies attempt at blackmail, extortion of Amazon CEO Jeff Bezos (USA TODAY) A lawyer for National Enquirer owner American Media's CEO defended the company's talks with Jeff Bezos, saying the company did nothing illegal.

Saudi Arabia denies involvement in leak of Jeff Bezos’ private messages (TechCrunch) In his extraordinary Medium post last week accusing American Media Inc of “extortion and blackmail,” Bezos hinted (but did not explicitly state) that there may be a connection between Saudi Arabia and the publication of his personal messages with Lauren Sanchez. Now Saudi Arabia’s minister of forei…

National Enquirer should have known not to squeeze Bezos, says ex-spokesman for the tabloid (CNBC) Stu Zakim, former spokesman for David Pecker's National Enquirer, questions the wisdom of attempting to use leverage on the world's richest man.

Could Amazon's Bezos wreck AMI, owner of National Enquirer, with blackmail charges? (USA TODAY) The Florida-based supermarket's new attacks on Amazon owner Jeff Bezos is shining a harsh light on the underbelly of tabloid journalism.

What happens when billionaires battle gossipmongers? Prepare for explosions. (Washington Post) Fighting the same kind of war, Jeff Bezos and Peter Thiel took different paths.

Boies Schiller Plays White Knight for Jeff Bezos, Led by Bill Isaacson (New York Law Journal) The Amazon and Washington Post owner's legal team includes the new vice chairman at Boies Schiller Flexner and longtime Hollywood attorney Martin Singer.

Jeff Bezos Protests the Invasion of His Privacy, as Amazon Builds a Sprawling Surveillance State for Everyone Else (The Intercept) One of the world's greatest privacy invaders just had his privacy invaded.

German Regulators Just Outlawed Facebook's Whole Ad Business (WIRED) The country’s antitrust regulator told Facebook it couldn't demand so much data from users simply to have an account. Experts say it’s a big deal.

Is Europe closing in on an antitrust fix for surveillance technologists? (TechCrunch) The German Federal Cartel Office’s decision to order Facebook to change how it processes users’ personal data this week is a sign the antitrust tide could at last be turning against platform power. One European Commission source we spoke to, who was commenting in a personal capacity, de…

Facebook ordered to keep apps separate unless users opt in to sharing (Naked Security) So much for creating a three-headed Cerberus marketing-happy chat dog! Also, we’ll soon see the who-what-huh? behind the ads we’re shown.

Sprint Accuses AT&T of False Advertising of 5G Service (Wall Street Journal) Sprint Corp. has sued AT&T Inc. over a branding campaign that it says falsely tells customers they are receiving 5G service on their smartphones, escalating marketing wars between carriers over the next generation of wireless networks.

Child abuse imagery found in cryptocurrency blockchain (Naked Security) For the second time in a year, illegal child abuse images have been spotted inside a blockchain. According to a post by web blockchain payments system Money Button, on 30 January its service was ab…

Police tell Waze to stop pinpointing their checkpoints (Naked Security) Waze users are helping intoxicated drivers to evade checkpoints and could thus be “engaging in criminal conduct,” say police.

Australia investigates attempted Parliament hack. Zero-days a bigger risk? Internet autarky. Huawei issues. Blackmail inquiry.