Security Alerts & News
by Tymoteusz A. Góral

History
#278 Project Shield, Google’s free DDoS protection service, is now open to any news site
Project Shield is now out of its invite-only beta period to offer free DDoS protection to news publications that apply for it. In particular, it is aimed at smaller news sites who do not have the resources to pay for costly protection against cyber attacks. However, it will also be open to any independent site that appears in Google News, including larger corporate publications.
#277 Carnegie Mellon Uni. (CMU) researchers were hired by the federal government to break Tor
A federal judge in Washington has now confirmed what has been strongly suspected: that Carnegie Mellon University (CMU) researchers at its Software Engineering Institute were hired by the federal government to do research into breaking Tor in 2014. The judge also made a notable statement in his court order that "Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network."
#276 Japan considers treating bitcoins the same as real money
TOKYO -- Japanese financial regulators have proposed handling virtual currencies as methods of payment equivalent to conventional currencies, a step that would strengthen consumer protection and spur growth in the virtual economy.
#275 Siri for Mac will be one of OSX 10.12’s major new features
Apple's Siri personal assistant will finally be coming to OS X 10.12 when the OS is released later this year, according to a report from 9to5Mac.
#274 Tor users blocked or faced with CAPTCHA if IP address matches known exit node.
About 1.3 million IP addresses—including those used by Google, Yahoo, Craigslist, and Yelp—are turning users of the Tor anonymity network into second-class Web citizens by blocking them outright or degrading the services offered to them, according to a recently published research paper.
#273 Attackers can turn Microsoft's exploit defense tool EMET against itself
Hackers can easily disable the Microsoft Enhanced Mitigation Experience Toolkit (EMET), a free tool used by companies to strengthen their Windows computers and applications against publicly known and unknown software exploits.
#272 ASUS hit by FTC with 20-year audit for bungled router security
The US Federal Trade Commission has come down hard on ASUS for putting consumers at risk from router and cloud security failings.
#271 Operation Blockbuster revealed
Kaspersky Lab has joined industry alliance driven by Novetta to announce Operation Blockbuster. Just like the previous Operation SMN, this alliance brings together key players in the IT security industry, working together in an effort to disrupt and neutralize multiple cyberespionage campaigns that have been active for several years. Some of the targets of these campaigns included financial institutions, media houses and manufacturing companies, among others.
#270 Secure messaging app Telegram hits 100 million users
Messaging service now delivering 15 billion messages every day, adding 350,000 users a day.
#269 Citizen Lab: Baidu Browser transmitting IMEI, location, URLs visited, CPU model
Citizen Lab has released a security report that found a large amount of personal data is being transmitted in the open, or with bad encryption, by Baidu browser on Android and Windows.
#268 Top ten OS for ethical hackers and security researchers
A comprehensive list of most popular operating systems among hackers all around the world.
#267 Researchers create super-efficient WiFi - consumes 10,000 times less power
A team of computer scientists and electrical engineers from the University of Washington has developed an extremely power-efficient version of Wi-Fi wireless networking technology that consumes 10,000 times less power than the current Wi-Fi components, allowing Wi-Fi networking to be built into a much wider range of devices.
#266 Cross-site scripting (XSS) enabled on 1000 major sites – including financial
A CloudFlare engineer has discovered that 1000 of the top one million websites, including bitcoin holding sites and trading sites, are running a default setting that enables the biggest security menace on the internet – cross-site scripting.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12