Last week, New Zealand student and technologist Dylan McKay downloaded his entire Facebook archive to see just how much data the company had harvested from. To his surprise, he discovered that not only had Facebook collected the identities of his friends and family from his address book, but that, for a short period between 2016 […]
Via Ars Technica: A new internet worm emerged over the weekend that took less than 24-hours to infect Android devices such a smartphones and TV boxes. Once infected, the devices began mining the Monero brand of crypto-currency, and seeking additional devices to infect: Once infected, Android phones and TV boxes scan networks for other devices […]
The security desk at Ars Technica is reporting on a new attack where more than 2000 WordPress sites were infected with malware that can capture keystrokes (and passwords) within the administrative control panel. It also installs an in-browser crypto-currency miner that hijacks the computers of site visitors to run silently in the background. Side effects […]
Ars Technica has published an excellent in-depth article detailing how the upcoming software and hardware patches designed to deal with the Meltdown and Spectre vulnerabilities will likely have a negative impact on computer performance. To recap: modern high-performance processors perform what is called speculative execution. They will make assumptions about which way branches in the code […]
Heading down to New Orleans for LSC’s Innovations in Technology Conference this week? Be sure to be on the lookout for Just-Tech’s Founder and President, John Greiner, and Senior Consultant, Anna Steele. On Tuesday, Anna will be participating in the pre-conference hackathon, and John will be joining members of the legal services technology community in […]
Via Ars Technica: Mozilla has recently released a major upgrade to the Thunderbird email client that addresses a critical buffer-overflow vulnerability that was discovered earlier this year: The bug, rated critical by the Mozilla Foundation, is CVE-2017-7845, which is a buffer overflow vulnerability affecting only Windows users. “A buffer overflow occurs when drawing and validating […]
Thomson Reuters (aka: Westlaw) has a introductory primer up on the increased use of blockchain technologies in both the financial and legal sectors. Blockchain 101 [Note: The article is partially pay-walled, so to read the full piece you will need a Westlaw login.]
Endgadget is reporting on a new malware attack underway in in Europe. Dubbed “Bad Rabbit”, the attack takes advantage of widely known flaws in Adobe’s Flash product to trick users into downloading a fake update from a compromised web site. Once installed, the update encrypts user files, rendering them inaccessible until a ransom demand of […]
Mathy VanHoef, a researcher with the imec-DistriNet Research Group at University of Leuven, Belgium has released a paper titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 which details a major vulnerability in the WPA2 wireless security protocol. Per VanHoef’s release notes: [A]ttackers can use this novel attack technique to read information that was previously […]
Via Bloomberg: “Yahoo! Triples Likely Scope of 2013 Hack to 3 Billion Users” If you’ve ever had a Yahoo! account, the following sentence is not going to help your blood pressure: Yahoo, the internet company acquired by Verizon Communications Inc. this year, now believes a 2013 security breach exposed all 3 billion of its users […]
