Two years after it was cited for security and privacy violations in its connected toys, VTech Electronics Ltd. has been fined by the U.S. government for violations of a federal law protecting children’s online privacy.
Tag: hacking
Episode 78: Meltdown and Spectre with Joe Unsworth of Gartner and will GDPR spark a Data War in 2018?
In this week’s Security Ledger podcast, Joe Unsworth has been covering the semiconductor space for Gartner for 15 years, but he’s never seen anything like Meltdown and Spectre, the two vulnerabilities that Google researchers identified in a wide range of microprocessors. In this podcast, Joe comes in to talk with us about what the flaws will mean for major chip vendors. Also: we kick off 2018 with a pair of predictions for the New Year from two of the smartest guys in the information security business. Lawyer and Lawfare blogger Paul Rosenzweig speaks with us about the year ahead including the possibility of a data war between the US and the EU. Also: Experian VP for Consumer Protection Mike Bruemmer comes in to talk to us about that company’s Data Breach Industry Forecast for 2018.
Google details CPU flaws, claims AMD, ARM and Intel all affected
Google has come forward to claim responsibility for discovering a pair of serious security holes in Intel processors that run almost 9 in 10 computers in the world. And worse: the company has echoed a statement by Intel yesterday that the flaws are not specific to that company’s chips. Contrary to published reports, a blog post on the Google Security Blog by Matt Linton, a Senior Security Engineer at Google and Pat Parseghian, a Technical Program Manager said that flaws dubbed “Specter” (PDF) and “Meltdown” (PDF) are not limited to chips by Intel, but exist in central processing unit (CPU) chips by a wide range of vendors including Intel, AMD and ARM. Google discovered the flaws The flaws were discovered by Jann Horn, a researcher for Google’s Project Zero security team, discovered the flaw and showed how malicious actors could game a common CPU feature known as “speculative execution” to […]
Report: Nation-Backed Hackers Hit Industrial Emergency Shutdown System
Hackers believed to be affiliated with a nation-state hacked into emergency shutdown systems at a facility in the Middle East. The attack seemed intended to “cause a high-impact attack with physical consequences,” according to reports from a number of cyber security firms.
Podcast: will Uber’s Florida Man Problem chill Bug Bounties?
In our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability disclosure industry. Also: with BitCoins trading for $16,000 each, Wandera researcher Dan Cuddeford joins us to talk about mobile crypto-jacking schemes that hijack mobile devices to mine crypto currencies. And we invite Alan Brill of the firm Kroll back to discuss recent House of Representatives hearings on the future of authentication in an age of rampant data sharing and data theft.
