Samsung's fingerprint-secured T7 Touch SSD drops to $160 for 1TB
- While you may not be leaving home as often as you used to at the moment, security is still important for all of the devices you might carry around, including external storage.
- Samsung's T7 Touch SSD can keep your data secure until you unlock it via the built-in fingerprint sensor.
- The 1TB model is now available for $160 at Amazon and Best Buy, the lowest price we’ve seen to date.
- That's a saving of $70 on the regular price of $230, and it’s $10 cheaper than it was on Black Friday.
- As well as fingerprint recognition, you can opt to protect data on the SSD with a password, using 256-bit encryption.
- The T7 Touch SSD includes what Samsung calls a Motion LED, which lets you quickly check its status.
One of the Internet’s most aggressive threats could take UEFI malware mainstream
- Trickbot operators sell access to their vast number of infected machines to other criminals, who use the botnet to spread bank trojans, ransomware, and a host of other malicious software.
- According to research findings published on Thursday, Trickbot has been updated to incorporate an obfuscated driver for RWEverything, an off-the-shelf tool that people use to write firmware to virtually any device.
- At the moment, researchers have detected Trickbot using the tool only to test whether an infected machine is protected against unauthorized changes to the UEFI.
- At the moment, the researchers have seen Trickbot using its newly acquired UEFI-writing capabilities to test if the protections are in place.
- Instead of being the dominion of advanced persistent threat groups that typically are funded by nation states, access to UEFI-vulnerable computers could be rented out to the same lower-echelon criminals who now use Trickbot for other types of malware attacks.
Van Buren appeal arguments in light of Computer Fraud and Abuse Act ambiguity
- The latter interpretation encouraged LinkedIn to bring a web scraping case against talent management algorithm hiQ, also currently pending a Supreme Court ruling, while Facebook recently accused the Friendly Social Browser of violating its terms of service, the CFAA, and its Californian counterpart law, drawing criticism from the Electronic Frontier Foundation (EFF).
- The EFF has also warned the Supreme Court that affirming the 11th Circuit’s Van Buren ruling could deter invaluable aspects of security research that often violate terms of service, such as port and network scanning.
- Casey Ellis, founder and CTO of bug bounty platform Bugcrowd, told The Daily Swig that while the Van Buren case only “lightly addressed” the impact on cybersecurity research, the amicus briefing and subsequent letter “were covered in the arguments.”
US temporarily withdrawing embassy personnel from Baghdad amid tensions with Iran
- One US official said the drawdown would take place in the lead-up to the January 3 anniversary of the US' killing of Iranian Gen. Qasem Soleimani due to concerns about retaliation.
- A source familiar echoed this and said the decision to have a partial, temporary withdrawal was determined at a Tuesday meeting of the National Security Council's Policy Coordination Committee.
- Both the US official and the source said the withdrawal was expected to last only until mid-January, after the anniversary passes.
- It is unclear exactly how many diplomats are being pulled from the embassy.
- The US government expects possible retaliation around the Soleimani death anniversary.
- At the Policy Coordination Committee meeting Tuesday, the option to fully withdraw staff from the embassy was not selected, the source familiar said, and the US official said no decision has been made to close the embassy.
Twitter now supports hardware security keys for iPhones and Android
- Twitter said Wednesday that accounts protected with a hardware security key can now log in from their iPhone or Android device.
- The social media giant rolled out support for hardware security keys in 2018, allowing users to add a physical security barrier to their accounts in place of other two-factor authentication options, like a text message or a code generated from an app.
- Twitter — and other companies — have long recommended that high-profile accounts, like journalists, politicians, and government officials, use security keys to prevent some of the more sophisticated attacks.
- Earlier this year Twitter rolled out hardware security keys to its own staff to prevent a repeat of its July cyberattack that saw hackers break into the company’s internal network and abuse an “admin” tool, which the hackers then used to hijack high-profile accounts to spread a cryptocurrency scam.
Archive and historians sue White House, seek to preserve presidential records
- Washington, D.C., Dec. 1, 2020 – The National Security Archive, the Society for Historians of American Foreign Relations, the American Historical Association, and the Citizens for Responsibility and Ethics in Washington today filed suit against President Donald Trump in his official capacity, seeking to enforce the Presidential Records Act and prevent any destruction of records during the presidential transition.
- The lawsuit cites the inadequacy of current White House policies that only require a screenshot of instant messages to be saved, preserving only the graphic content, when the law (as amended in 2014) requires "a complete copy" to be preserved, including digital links and attachments.
- The Archive wrote the White House Counsel, Pat Cipollone, on November 13, seeking express assurances that all presidential records would be preserved, and citing six different news reports that White House staff were violating the records laws.
Cyberespionage Using SS7 via Circles
- For example, the Guardian reported in March 2020 that Saudi Arabia appeared to be “exploiting weaknesses in the global mobile telecommunications network to track citizens as they travel around the US.” Other investigative reports indicated that journalists, dissidents, and opposition politicians in Nigeria and Guatemala were similarly targeted.
- Because of SS7’s lack of authentication, any attacker that interconnects with the SS7 network (such as an intelligence agency, a cybercriminal purchasing SS7 access, or a surveillance firm running a fake phone company) can send commands to a subscriber’s “home network” falsely indicating that the subscriber is roaming.
- We identified two Circles systems in Botswana: an unnamed system and a system named Bentley Bullevard that appears to be operated by Botswana’s Directorate of Intelligence and Security Service (DISS), as TLS certificates used on the Check Point firewalls were signed by a self-signed TLS certificate for “CN=sid.org.bw”, which is a domain name used by the Directorate of Intelligence and Security.
Homeland Security Watchdog to Probe Department’s Use of Phone Location Data
- The department’s inspector general told five Democratic senators that his office would initiate an audit “to determine if the Department of Homeland Security (DHS) and its components have developed, updated, and adhered to policies related to cell-phone surveillance devices,” according to a letter sent last week to Capitol Hill and shared with The Wall Street Journal.
- The Journal reported earlier this year that several agencies within DHS were buying access to a product made by a commercial broker, a company called Venntel Inc., of Herndon, Va., that contained location information on millions of U.S. mobile devices, drawn from games, weather apps and other common mobile applications.
- The department also buys software from Babel Street, another vendor that sells location-data products, according to public records.
This incredible exploit could have let hackers remotely own iPhones without even touching them
- Today, Google Project Zero security researcher Ian Beer has revealed that, until May, a variety of Apple iPhones and other iOS devices were vulnerable to an incredible exploit that could let attackers remotely reboot and take complete control of their devices from a distance — including reading emails and other messages, downloading photos, and even potentially watching and listening to you through the iPhone’s microphone and camera.
- According to Beer, that’s because today’s iPhones, iPads, Macs and Watches use a protocol called Apple Wireless Direct Link (AWDL) to create mesh networks for features like AirDrop (so you can easily beam photos and files to other iOS devices) and Sidecar (to quickly turn an iPad into a secondary screen).
- Apple didn’t immediately respond to a request for comment, but the company does cite Beer in the changelogs for several of its May 2020 security updates that are linked to the vulnerability.
Linux-as-Network Startup Isovalent Launches Enterprise Product, Raises Google-Led Funding Round
- A few weeks back, when it was announced that the three-year-old Mountain View-based networking startup Isovalent was emerging from stealth -- after a $29 million Series A funding round and launch of a new product, Cilium Enterprise -- the big news wasn't the amount of money raised, but that the round was led in part by Google, with participation from Cisco Investments.
- Isovalent's co-founder and CEO, Dan Wendlandt, spent about 10 months as a partner at Andreessen in 2016, a stint that was sandwiched between a three-year-long gig as VMware's director of product management for cloud-native infrastructure and founding of the startup he now heads.
- Cilium's focus is on cloud-native networking, and its secret sauce is in its use of eBPF, a relatively new Linux kernel technology that can run sandboxed programs from within the operating system.