Free Republic

The vendor helps CalPERS identify member deaths and make sure that correct payments go to retirees and their beneficiaries.. The personal information of about 769,000 retired CalPERS members was exposed in a third-party data breach that was reported earlier this month. CalSTRS also said it was impacted by the breach and KCRA 3 is trying to learn how many of its members were impacted. CalPERS, the California Public Employees' Retirement System, is the nation's largest public pension fund. It serves more than 2 million members in its retirement system and more than 1.5 million in its health program. CalSTRS, the...

Chinese firm admits its hacked DVRs, cameras were behind Friday's massive DDOS attack Botnets created from the Mirai malware were involved in Friday's cyber attack. Michael Kan - IDG News Oct 23, 2016 A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the U.S. on Friday. Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame. According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities...

Rental Cars Can Steal Phone Data Like Contacts and Text Messages http://fortune.com/2016/09/01/rental-cars-data-theft/ Tech Internet of Things Watch Out That Your Rental Car Doesn't Steal Your Phone Data By: Jeff John Roberts September 1, 2016, 10:51 AM  Watch out how you connect to cars. Here’s something to think about the next time you plug your phone into a rental car: The vehicle may be slurping up and recording all sorts of data, including your location, personal contacts, and even your text messages and web browsing. That warning comes via a Federal Trade Commission blog post this week, which highlights a downside...

Hacker demonstrates how voting machines can be compromised - CBS News http://www.cbsnews.com/news/rigged-presidential-elections-hackers-demonstrate-voting-threat-old-machines/ Concerns are growing over the possibility of a rigged presidential election. Experts believe a cyberattack this year could be a reality, especially following last month's hack of Democratic National Committee emails. The ranking member of the Senate Homeland Security Committee sent a letter Monday to the Department of Homeland Security, saying in part: "Election security is critical, and a cyberattack by foreign actors on our elections systems could compromise the integrity of our voting process." Roughly 70 percent of states in the U.S. use some form of electronic...

Security Expert: Solar Panels Are Extremely Easy To Hack  http://dailycallernewsfoundation.org/2016/08/02/security-expert-solar-panels-are-extremely-easy-to-hack/ Security Expert: Solar Panels Are Extremely Easy To Hack Andrew Follett on August 2, 2016 A conference of cybersecurity experts is meeting in Las Vegas this Friday to discuss how rooftop solar panels make homes much easier to hack. The experts found that a malicious hacker can easily knock solar panels offline, cause them to intentionally overheat or shut down entirely. Some hacking can even use solar panels to cause physical damage in the real world. “I could have installed spying software that would have had visibility into their home...

Windows 10 Worst Secret Spins Out Of Control - Forbes http://www.forbes.com/sites/gordonkelly/2016/02/09/windows-10-data-tracking-spying-levels/?utm_campaign=yahootix&partner=yahootix#1b42bfac7aa9 Back in November Microsoft confirmed Windows 10’s worst kept secret: its extensive telemetry (or ‘spying’ as it has been labelled) cannot be stopped. What no-one realised until now, however, is just how staggering the extent of this tracking really is…  Blowing the lid on it this week is Voat user CheesusCrust whose extensive investigation found  *Windows 10 contacts Microsoft to report data thousands of times per day.  And the kicker?  *This happens after choosing a custom Windows 10 installation and disabling all three pages of tracking options which are...

Shmoocon Foxglove Security bod Stephen Breen has strung together dusty unpatched Windows vulnerabilities to gain local system-level access on Windows versions up to 8.1. The unholy zero-day concoction, reported to Microsoft in September and still unpatched, is a reliable way of p0wning Windows for attackers that have managed to pop user machines. Breen released exploit code for his attack dubbed Hot Potato following his talk at the Shmoocon conference in Washington over the weekend. "Hot Potato takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay -\- specifically HTTP-SMB relay - and...

Internet-connected industrial devices could be accessible to anyone, with no password, thanks to a coding error by a gateway manufacturer. Taiwanese firm Advantech patched the firmware in some of its serial-to-IP gateway devices in October to remove a hard-coded SSH (Secure Shell) key that would have allowed unauthorized access by remote attackers. But it overlooked an even bigger problem: Any password will unlock the gateways, which are used to connect legacy serial devices to TCP/IP and cellular networks in industrial environments around the world. Researchers from security firm Rapid7 discovered the vulnerability in the revised firmware, version 1.98, released for...

If you're running Windows 7 or 8.1 on a computer that isn't attached to a domain, you're no doubt familiar with the "Get Windows 10" ads that try to convince you -- sometimes subtly, sometimes forcefully -- to install Windows 10. Microsoft's intrusive campaign has drawn much well-deserved ire among Windows customers. I think it represents a new low in Microsoft marketing -- right down there in the Scroogled end of the gene pool. Back in August, Microsoft posted KB 3080351, a discussion of new Group Policy settings and two obscure registry entries -- DisableOSUpgrade and ReservationsAllowed -- that, taken...

Sam Thielman The Senate, ignorant on cybersecurity, just passed a bill about it anyway. The US Senate overwhelmingly passed a controversial cybersecurity bill critics say will allow the government to collect sensitive personal data unchecked, over the objections of civil liberties groups and many of the biggest names in the tech sector. The vote on Tuesday was 74 to 21 in support of the legislation. (snip) None of the Republican presidential candidates (except Lindsey Graham, who voted in favor) were present to cast a vote, including Rand Paul, who has made privacy from surveillance a major plank of his campaign...

http://www.techsecurityupdate.com/avg-to-flog-your-web-browsing-search-history-from-mid-october/ AVG to flog your web browsing, search history from mid-October September 21, 2015 John Leyden Uncategorized Comments Off Your secrets sold to advertisers Changes in the privacy policy of AVG's free antivirus doodad will allow it to collect your web browsing and search history – and sell it to advertisers to bankroll its freemium security software products.…

WASHINGTON, May 4, 2009 – U.S. forces in Iraq increasingly are focused on training Iraqis to be self-sufficient, and most recently that training has brought Iraqis closer to managing their communications frequencies, information security and automotive maintenance. Fourteen students drawn from Iraq’s ministries of Communications, Defense and Interior and from the Communications and Media Commission graduated from a course on electromagnetic spectrum management taught by members of the U.S. Defense Information Systems Agency's Joint Spectrum Center based in Annapolis, Md. The spectrum provides a finite number of frequencies to enable communications and technologies such as radar and weapons systems. Multinational...