• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

security

  1. cageymaru

    Cybersecurity Vulnerabilites in Weapon Systems Blemish the Department of Defense

    A study by the U.S. Government Accountability Office (GAO) has shown how vulnerable U.S. weapon systems under the control of the Department of Defense (DOD) have become. This is due to the weapon systems becoming more networked and software dependent and the DoD is still in the early stages of...
    • cageymaru
    • Thread
    • cybersecurity department of defense dod gao hacks security testing united states government accountability office vulnerabilities weapons system
    • Replies: 43
    • Forum: HardForum Tech News
  2. AlphaAtlas

    Google Pixel 3 Has a Titan M Security Chip

    Google announced the Pixel 3 and Pixel 3 XL today. Both phones feature specs you'd expect from a flagship Android smartphone, including a Snapdragon 845, an improved camera, 4GB of RAM, a choice of 64GB of 128GB of storage, an upgraded 5.5" or 6.3" display, and a price tag starting at $800. As...
  3. AlphaAtlas

    Bloomberg Source Has Doubts About Supermicro Story

    Risky Business originally got swept up in "Supermicro madness", as they call it. But now, they're having doubts about Bloomberg's big story. Joe Fitzpatrick, a hardware hacking expert who was one of Bloomberg's named sources, shares and discusses his emails with Bloomberg in an podcast...
  4. cageymaru

    Google Announces New Data Controls and the Closing of Google+ After Security Lapse

    Google has announced that it is shuttering its beleaguered social media portal Google+ in response to a security lapse where 3rd party developers could access private consumer data from 2015 until March 2018. The Wall Street Journal exposed the breach this morning. Project Strobe was an...
    • cageymaru
    • Thread
    • alphabet bug data google google+ lapse permission privacy security security tool
    • Replies: 16
    • Forum: HardForum Tech News
  5. Pieter3dnow

    Kernel not being updated for security on phones

    https://fudzilla.com/news/mobile/47337-phone-vendors-are-not-updating-their-linux-kernels From an interview with Greg Kroah-Hartman describes how big of a mess it is in the mobile environment regarding secure devices from several vendors.
  6. AlphaAtlas

    Florida Engineers Can Automatically Verify PCB Components

    Following allegations that China spied on major US companies with micro-controllers embedded in PCBs, engineers from the University of Florida claim they were already working on the problem. Mark Tehranipoor, director of the Florida Institute for Cybersecurity Research, says their automated...
  7. AlphaAtlas

    California Bans Weak Login Credentials

    California Governor Jerry Brown recently signed the "Security of Connected Devices" bill into law. Among other things, the bill forces any internet facing devices to use reasonable security measures, and explicitly prohibits weak default login credentials like "password" as a password. "admin"...
  8. AlphaAtlas

    China Embedded Spy Chips On Supermicro Motherboards

    According to a report by Bloomberg, the Chinese government has been spying on US tech companies with chips the size of a pencil head. Citing anonymous sources, Bloomberg claims intelligence officials went to the White House with information suggesting "China's military was preparing to insert...
  9. cageymaru

    Apple Ships Laptops with Intel Management Engine Enabled

    Apple has shipped laptops with the Intel ME or "manufacturing mode" enabled. Intel practices "security through obscurity" where corporations such as Apple have to sign a NDA before using certain software packages in an attempt to protect intellectual property. Normal users would never know...
    • cageymaru
    • Thread
    • apple intel intel management engine intel me laptop security security through obscurity
    • Replies: 9
    • Forum: HardForum Tech News
  10. cageymaru

    Facebook "View As" Hack Affects over 90 Million Accounts

    Facebook has acknowledged being hacked on Tuesday, September 25th and the security issue directly affected almost 50 million accounts and another 40 million indirectly. The "View As" feature that Facebook implemented in July 2017 is the source of the security issue. The "View As" feature...
    • cageymaru
    • Thread
    • access token digital key facebook hack mark zuckerberg security view as
    • Replies: 18
    • Forum: HardForum Tech News
  11. AlphaAtlas

    DoD Cloud Contract Proposals Must be Submitted on DVDs

    In July, the Department of Defense announced that it would be taking proposals for the $10 Billion Dollar JEDI Cloud Computing Contract. In a bizarre sounding update to the contract, the DoD said it would only accept submissions in the form of DVDs delivered by hand on October 12, 2018. The DVD...
  12. AlphaAtlas

    Port of San Diego Hit by Ransomware Attack

    In a press release, the Port of San Diego said that it was hit by a ransomware attack. Port of San Diego CEO Randa Coniglio said that the incident was first reported on September 25, and that a ransom note was requested in Bitcoin. Authorities claim they contained the attack to a few systems...
  13. AlphaAtlas

    Teenage Apple Hacker Escapes Conviction

    An Australian teenager who hacked into Apple's servers, and had access to them for about a year, pleaded guilty without getting any jail time. Instead, he got away with an 8 month probation sentence. The now 19 year old boy has been accepted into a university to study criminology and cyber...
  14. cageymaru

    Uber Settles Data Breach Lawsuit with 50 States for $148 Million

    Uber has reached a $148 million settlement with state attorneys general in all 50 states with varying amounts being distributed to each state. The legal matter that was settled was in reference to the 2016 data breach in which Uber failed to notify the 57 million customers affected by it for...
    • cageymaru
    • Thread
    • data breach hacker lawsuit security settlement state attorney general uber
    • Replies: 7
    • Forum: HardForum Tech News
  15. AlphaAtlas

    Free VPNs Are Not Really Free

    There's a perception that free VPNs provide an almost charitable privacy service. Users who are censored by their own government, for example, typically can't afford subscription VPN services, and often turn to free alternatives to circumvent oppressive restrictions. However, HackRead wrote up...
  16. AlphaAtlas

    Credential Stuffing Attacks are Growing

    Credential stuffing attacks, which companies used to treat as "annoying background noise", are turning into something more closely resembling a DDOS attack. This kind of attack uses bots to test credential pairs stolen from data leaks, and relies on the bad habit of users sharing login names and...
  17. cageymaru

    Android and Google Play Security Rewards Programs Surpass $3 Million in Payouts

    For the past 3 years, Google has been paying top researchers for submitting vulnerability reports about flaws and bugs in the Android ecosystem. Recently the Android Security Rewards (ASR) just exceeded the $3 million mark in rewards to researchers. This year alone 470 qualifying vulnerability...
    • cageymaru
    • Thread
    • android security rewards asr exploit google google play security rewards researcher reward security vulnerability
    • Replies: 4
    • Forum: HardForum Tech News
  18. AlphaAtlas

    Equifax Slapped With 500k Fine

    The UK branch of Equifax was fined 500,000 pounds by the Information Commissioner's Office for failing to protect the personal info of around 15 million UK customers. If that fine seems rather modest, that's because it is. 500,000 pounds is the largest fine regulators can give under the Data...
  19. AlphaAtlas

    WD My Cloud NAS Hack Discovered

    Security researchers discovered an exploit that allows attackers to gain administrative access to WD My Cloud NAS devices. Simply having a cookie with the string "username = admin" when the device sends a login request will allow you to run administrative commands, such as reading or deleting...
  20. AlphaAtlas

    NSA Software Fuels Rise in Crypto Mining Malware

    The Cyber Threat Alliance claims that a software tool leaked from the NSA is fueling a massive rise in cryptocurrency mining malware. The cyber-security experts claim they detected a "459 percent increase in the past year of illicit crypto mining," and point to leaked NSA software called...
  21. AlphaAtlas

    Financial Info Leaked in Newegg Data Breach

    Working together, Volexity and RiskIQ discovered a credit card skimming attack on Newegg's website. The security researchers claim that hackers injected Javascript code into Newegg's secure checkout page, which would collect form data and send it to "neweggstats.com". That domain was created on...
  22. cageymaru

    Chrome 70 Adds Support for Shape Detection and Web Authentication

    The Chrome 70 beta will incorporate shape detection that makes a device's shape detection capabilities available on the web; letting you identify faces, barcodes, and text in images. Security features coming to Chrome 70 beta will use macOS's TouchID and Android's fingerprint sensor via Web...
    • cageymaru
    • Thread
    • beta chrome 70 security shape detection web authentication web authentication api web bluetooth
    • Replies: 6
    • Forum: HardForum Tech News
  23. AlphaAtlas

    Government Payment Service Leaks 14M Records

    Government Payment Service Inc, which runs the website GovPayNow.com, leaked over 14 million customer records from the past 6 years. Names, phone numbers, addresses, and the last 4 digits of credit cards were part of the leak. The website is used by state and local governments across the U.S...
  24. AlphaAtlas

    Kodi Cryptomining Malware is Going Around

    Cyber security firm ESET tells ZDnet that three popular Kodi addon repositories are spreading cryptomining malware. ESET researchers say they found code embedded in addons from the Bubbles, Gaia, and XvBMC repos that would trigger the download of a secondary, malicious addon. The malware is said...
  25. cageymaru

    Apple App Store Jewel "Adware Doctor" Pilfered Phone Data to Send to China

    The Adware Doctor app occupied the front page of the Apple App Store as the #4 highest rated app, but it had a dark secret. Instead of removing viruses and malware from iOS devices, it was collecting all browser history, app store purchases, and more to bundle into an encrypted file to be sent...
    • cageymaru
    • Thread
    • adware doctor app store apple apple app store china data breach exfiltrate file malware pilfer risk scam scan security server theft thief
    • Replies: 25
    • Forum: HardForum Tech News
  26. AlphaAtlas

    Credit Card Info Leaked in British Airways Data Breach

    In a press release, IAG subsidiary British Airways claim they're investigating "the theft of customer data from its website, ba.com and the airline's mobile app." The company says over 300,000 customers who made reservations or changes between August 21 and September 5 are affected, and warns...
  27. AlphaAtlas

    Uber Adds Crash Detection and Security Features

    Uber added a new safety feature called "Ride Check" to their app. Using GPS and other phone sensors, the Uber app scans for conditions that indicate a possible crash. When the feature is initiated, both the rider and the passenger get a prompt asking if they're OK, as well as an offer for 911...
  28. cageymaru

    Hardware Vulnerable to Google RFID Keycard Door Hack Still in Use by Other Companies

    Google security researcher David Tomaschik discovered an exploit that allowed him access to any RFID keycard enabled door on the Google campus. By analyzing the seemingly random lock and unlock codes that his door sent through the Google network, he was able to discover the encryption key...
    • cageymaru
    • Thread
    • google hack internet of things iot keycard reader rfid rfid door security software house vulnerability widespread
    • Replies: 4
    • Forum: HardForum Tech News
  29. AlphaAtlas

    Another Windows Zero Day Exploit Discovered

    Big Windows security holes aren't exactly rare. Now, it seems that another Zero Day vulnerability is out in the wild. GitHub user SandboxEscaper uploaded proof-of-concept code for the attack, and announced it in a rather colorful tweet. The exploit, which is related to the Windows Task...
  30. cageymaru

    Microsoft Patch Tuesday Addresses Intel L1 Terminal Fault Vulnerability

    Microsoft Patch Tuesday has implemented fixes and improvements to address the newly disclosed Intel L1 Terminal Fault (L1TF). AMD's Bulldozer and Jaguar processors reclaim lost performance as an issue that caused high CPU usage and degradation with Family 15h and 16h AMD processors was...
    • cageymaru
    • Thread
    • adobe flash amd countermeasure intel meltdown microsoft patch tuesday security spectre vulnerability
    • Replies: 11
    • Forum: HardForum Tech News
  31. cageymaru

    Intel Has Disclosed New Security Flaws that Affect SGX and Virtualization

    Intel has disclosed a new set of security flaws collectively called the L1 Terminal Fault (L1TF). These flaws were discovered in conjunction with researchers at KU Leuven University and other universities. The researchers call their discoveries Foreshadow and Foreshadow - Next Generation (NG)...
    • cageymaru
    • Thread
    • disclosure foreshadow foreshadow - ng hypervisor intel l1tf meltdown security sgx smm smt spectre virtualization
    • Replies: 55
    • Forum: HardForum Tech News
  32. cageymaru

    Midterm Elections in West Virginia Will Feature Mobile Phone Voting

    In a day and age where hackers can run a port-out-scam and steal millions of dollars from unsuspecting cryptocurrency owners, the State of West Virginia (WV) has decided to be the first in the nation to allow its citizens to vote by smartphone app during an election. All you need is a...
    • cageymaru
    • Thread
    • anonymous voting election hacking foreign voting security smartphone app voting smartphone voting voatz
    • Replies: 83
    • Forum: HardForum Tech News
  33. cageymaru

    Research Robots Can Be Hijacked Over the Internet

    Researchers at Brown University found more than 100 robots in research labs that were vulnerable to outside manipulation and sabotage by doing an online scan of the internet. By looking explicitly for devices running the Robot Operating System or (ROS), the team of researchers were able to take...
  34. cageymaru

    Venmo App Allows Drug Buyers to Share Their Purchases With the World

    Many internet users love social media so Paypal designed the Venmo app to target the Facebook crowd. Sign up for the service with the privacy focused Facebook login and the Venmo app will allow you to send money to friends and make purchases at approved merchants. You can even see what your...
    • cageymaru
    • Thread
    • facebook hang do thi duc paypal public security social media twitter venmo
    • Replies: 17
    • Forum: HardForum Tech News
  35. cageymaru

    Robotic Vacuum Cleaners Can Be Exploited to Spy on WiFi Networks

    Dongguan Diqee 360 robotic vacuum cleaners can allegedly be exploited in two ways. Since this is an Internet of Things (IoT) device, it is connected to the internet at all times and comes with default login credentials that most customers don't change. Using these credentials the device can be...
  36. R

    "Stylish" Browser Extension Steals All Your Internet History

    Popular browser extension "Stylish," used for customizing the appearance of webpages, was recently found to also be stealing all of your internet history. Software engineer Robert Heaton noticed the problem last week when he spotted a large number of requests going to api.userstyles.org. After...
  37. S

    MSI X99S XPOWER AC Spectre/Meltdown BIOS?

    Hey guys, Back in January MSI put out a press release that they were coming out with a new BIOS for a ton of mobos - including my X99S XPOWER AC - http://www.guru3d.com/news-story/msi-releases-bios-updates-to-address-recent-vulberabilities.html - however, the firmware mentioned (E7881IMS.1C0)...
    • sk3tch
    • Thread
    • bios cpu intel meltdown mobo motherboard msi security spectre vulnerability x99 x99s xpower ac
    • Replies: 9
    • Forum: Motherboards
  38. FrgMstr

    Beijing Security Fair - For Security Spying

    When you think of a "security fair," you likely think of an event that is based around things being more secure for you. In China, a security fair seems to be all about you having less security from all sort of surveillance on you. It is called the China International Exhibition on Police...
  39. R

    Pentagon Cracks Down on Cell Phones

    In a report from the Associated Press, the Defense Department has approved new restrictions on electronic devices within the Pentagon. The memo, signed by Deputy Secretary Patrick Shanahan, primarily clarifies current procedures, procedures that state that phones be left in storage containers...
  40. R

    New Processor Vulnerability Discovered

    Microsoft and Google Project Zero researchers announced today a new category of processor vulnerability known as a speculative execution side channel vulnerability, or Speculative Store Bypass, that is closely related to the Spectre Variant 1 vulnerability. Microsoft has also released a security...
Back
Top