Mozilla blames 'interlocking complex systems' and confusion for Firefox's May add-on outage

Credit to Author: Gregg Keizer| Date: Fri, 26 Jul 2019 03:00:00 -0700

Mozilla has issued multiple after-action reports analyzing the major mix-up in May that crippled most Firefox add-ons. The reports also made recommendations for preventing similar incidents in the future.

The fiasco started just after 8 p.m. ET on Friday, May 3, when a certificate used to digitally sign Firefox extensions expired. Because Mozilla had neglected to renew the certificate, Firefox assumed add-ons could not be trusted – that they were potentially malicious – and disabled any already installed. Add-ons could not be added to the browser for the same reason.


Facebook gets its wrist slapped $5b for fumbling our data, confirms FTC

Credit to Author: Lisa Vaas| Date: Thu, 25 Jul 2019 16:30:35 +0000

The FTC initially wanted a fine worth tens of billions, plus potential jail time for execs.


Researchers to launch intentionally ‘vulnerable’ blockchain at Black Hat

Credit to Author: Lucas Mearian| Date: Thu, 25 Jul 2019 14:06:00 -0700

Hoping to raise awareness about blockchain vulnerabilities, cybersecurity firm Kudelski Security next week plans to launch the industry’s first “purposefully vulnerable” blockchain – and will demo it at next month’s Black Hat conference.

Kudelski Security’s FumbleChain project is aimed at highlighting vulnerabilities in blockchain ecosystems, according to Nathan Hamiel, head of cybersecurity research at Kudelski.

The flawed blockchain ledger is written in Python 3.0, making it easy for anyone to read and modify its source code, and it’s modular – allowing users to hack and add new challenges to promote continuous learning.


New machine learning model sifts through the good to unearth the bad in evasive malware

Credit to Author: Eric Avena| Date: Thu, 25 Jul 2019 16:30:55 +0000

Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.

The post New machine learning model sifts through the good to unearth the bad in evasive malware appeared first on Microsoft Security.


Changing California’s privacy law: A snapshot at the support and opposition

Credit to Author: David Ruiz| Date: Thu, 25 Jul 2019 15:59:59 +0000

Before the California Senate returns from its summer recess, we look at the authors, supporters, opponents, and donors involved in an extended fight to change California’s privacy law, the California Consumer Privacy Act.


The post Changing California’s privacy law: A snapshot at the support and opposition appeared first on Malwarebytes Labs.


New York City moves to protect citizens’ location data

Credit to Author: Danny Bradbury| Date: Thu, 25 Jul 2019 12:13:19 +0000

New York City is considering a law that could stop cellphone carriers and smartphone app vendors from selling their location data.
