Things I Hearted this Week, 16th Feb 2018

February 16, 2018 | Javvad Malik
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

Rolling in the bounty

bug bounties

We hear a lot about bug bounties and how some people are potentially making a lucrative living off it.

HackerOne has paid out over $24m in bounties in the last five years. That’s some serious cash, considering how far that translates into local currencies. So, they asked some of their top hackers how they spent their money.

SIM hijacking, the aftermath

In last week’s roundup there was a story about SIM swapping and how T-mobile USA was sending texts to customers stating they may be victims of fraud.

We often cover such stories, shake our heads and tut loudly before moving on. But Motherboard got in touch with nine victims of SIM hijacking and told their stories. It’s quite a wake-up call to the real-life impact scams and fraud can have on individuals.

Cryptocurrencies

Not entirely security related news, but hey if everyone is referring to it as ‘crypto’ I can include it here right?

Joseph Steinberg considers what the future holds for Bitcoin, which sits at the head of the table of cryptocurrencies today, while other currencies are nipping at its heels.

Another cryptocurrency theft

Mining stuff

AI recognition

Chinese police are wearing sunglasses that can recognize faces. No, that’s not a plot of a movie, but what’s actually happening. Railway police in Zhengzhou, a central Chinese city, are the first in the country to use facial-recognition eyewear to screen passengers during the Lunar New Year travel rush. The devices have allegedly already helped nab seven fugitives related to major criminal cases such as human trafficking and hit-and-runs, and 26 others who were traveling with fake identities.

While that may be well and good, there are some issues with facial recognition. Joy Ruolamwini, a researcher at the M.I.T. media lab, has shown how real-life biases can creep into A.I. The result is that for a white man, facial recognition is right 99 percent of the time, but the darker the skin the more errors arise – up to nearly 35% for darker skinned women.

EternalGlue

The good folk over at NCC group have published the second part of their findings since they were asked by a client to rebuild NotPetya from scratch. Well, not the exact same, as they changed the destructive payload out for telemetry and safeguards so they could measure what the impact of NotPetya would have been. It’s a good read.

Sony hands over data to the FBI

It seems like a lifetime ago opinion was split as to whether Apple should decrypt an iPhone of a suspected terrorist. Well, things still aren’t crystal clear, but in the latest development, Sony has handed over information to the FBI on a PlayStation 4 user suspected to planning to travel from Kansas to the Middle East to fight on behalf of a terrorist organisation.

Finding insecure AWS S3 buckets got a whole lot easier

As if misconfigured AWS S3 buckets that expose supposed information to the public wasn’t a big enough problem, a new search engine makes  the job even easier.

The developers of the service, named BuckHacker, claim to be doing the project to increase the awareness on bucket security.

Longer tech reads

A couple of longer and well-written technology-related articles that I enjoyed this week

Javvad Malik

About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.
Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
GET PRICE FREE TRIAL CHAT