Blockchain is bullsh!t, prove me wrong meets ‘chain gang fans at tech confab


Blockchain-fanciers have been told to stop the “sexy noises” about its use in fintech and get real – though others remain hopeful the tech can hitch its cart to the techlash bandwagon.

“The world we’re talking to only sees the crypto hype, and at the moment they’re also seeing the crypto demise,” Lisa Short, founder of Changer Inc, told attendees at the London 2019 Blockchain Week.

The event, held on 11 and 12 February, had a markedly different tone to that of 2018’s conference, where, thanks to rising Bitcoin prices, fevered bros bragged about the invincibility of their tech.

That’s not to say initial coin offerings (ICOs), crypto exchanges and tokens weren’t discussed – and the real cheerleaders remained bullish to the point of absurdity. “The blockchain is the foot soldier of decentralisation. The samurai who will slash everyone in front of it,” said Alex Mashinsky, CEO of lending platform Celsius Network, with unwavering loyalty.

Others thought that blockchain could take advantage of the growing backlash against tech titans, and help ease public concerns about fake news, data protection and brokering.

Read more…

10 essential steps to improve your security posture

A strong security posture takes more than having the right defenses in place, you also need to establish solid plans to ensure you react to any breach in the right way.


It has never been easier for cybercriminals to infect your business with malwareor ransomware. A vast array of malware tools can be bought on the dark web, complete with helpdesks for hackers, making the barrier to entry low. Most hackers will sit on your network for days, weeks or even months, gathering intelligence to infiltrate your systems and then try to exfiltrate data undetected.

While prevention is better than cure, it’s not always possible. The smart move is to take what action you can to guard against intrusion, but also to employ intelligent real-time defenses, and to craft detailed action plans and procedures to handle any incidents that do arise. These best practices will help you reduce the risk of a data breach occurring in the first place, but also reduce the impact and damage if the worst does happen.

Read more…

Microsoft removes eight cryptojacking apps from official store


Windows 10 apps caught cryptojacking
Image: Symantec

Microsoft has removed from the official Microsoft Store eight Windows 10 apps that had been caught mining the Monero cryptocurrency behind users’ backs for the benefit of the apps’ developers.

The names of the eight apps are Fast-search Lite, Battery Optimizer (Tutorials), VPN Browsers+, Downloader for YouTube Videos, Clean Master+ (Tutorials), FastTube, Findoo Browser 2019, and Findoo Mobile & Desktop Search.

The apps were developed by three developers, namely DigiDream, 1clean, and Findoo. US cyber-security firm Symantec, which discovered the malicious apps last month, says evidence they uncovered in the applications’ source code and adjacent domains led them to believe all eight had been developed by the same person or group, despite the different names.

Read more…

Protecting Cryptocurrency in the Era of ‘Deep Fakes’


Protecting Cryptocurrency in the Era of 'Deep Fakes'

The latest edition of the ISMG Security Report highlights how thieves can use “deep fake”photos in an attempt to steal cryptocurrency.

In this report, you’ll hear (click on player beneath image to listen):

  • ISMG’s Jeremy Kirk outline new ways that images can be manipulated to circumvent cryptocurrency exchange access controls;
  • Diana Kelley and Sian John of Microsoft provide details of their upcoming session at the RSA Conference on “data gravity”;
  • ISMG’s Mathew Schwartz offer an analysis of why mega-breaches are likely to continue.

The ISMG Security Report appears on this and other ISMG websites on Fridays. Don’t miss the Feb. 1 and Feb. 8 editions, both of which deal with nation-state threats.

Read more…

WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For


facebook phishing login page

How do you check if a website asking for your credentials is fake or legit to log in?

By checking if the URL is correct?

By checking if the website address is not a homograph?

By checking if the site is using HTTPS?

Or using software or browser extensions that detect phishing domains?

Well, if you, like most Internet users, are also relying on above basic security practices to spot if that “” or “” you have been served with is fake or not, you may still fall victim to a newly discovered creative phishing attack and end up in giving away your passwords to hackers.

Antoine Vincent Jebara, co-founder and CEO of password managing software Myki, told The Hacker News that his team recently spotted a new phishing attack campaign “that even the most vigilant users could fall for.”

Read more…

Sony Using Copyright To Take Down Its Own Anti-Piracy Propaganda


Sony has apparently decided that you can’t see its anti-piracy propaganda, because it might be pirated.

There are a few iconic sitcoms I remember from my childhood and What’s Happening!! is probably near the top of that list. What I had forgotten, is that the show once included a two part episode all about the evils of bootlegging, with guest stars, the Doobie Brothers. In that “very special episode,” the character of Rerun is caught trying to secretly tape the Doobie Brothers playing a show at their high school. Or as Mental Floss puts it:

The band, who are so upstanding they named themselves after an illegal drug, proceed to lecture the youngsters on morality and righteousness.

So, that’s cool. Either way, DC policy advocate Josh Lamel recently went looking for clips of that episode and discovered that they’ve all been taken down:

Read more…

620 Million Online Accounts Data Stolen from 16 Hacked websites – Available in Dark Web for Sale


Online Accounts

A new shocking report revealed that almost 620 million online account data from 20 famous websites currently hackers selling it in dark web for less than $20,000 in Bitcoin.

Selling data contains account holder names, email addresses, and passwords. These passwords are hashed and some of the other information such as location, personal details, and social media authentication tokens.

Stolen data from following websites are combined in this 620 million online accounts and the register confirmed this all data was completely legit.

1.Dubsmash (162 million)
2. MyHeritage (92 million)
3. MyFitnessPal (151 million)
4. ShareThis (41 million)
5. HauteLook (28 million)
6. Animoto (25 million)
7. EyeEm (22 million)
8. 8fit (20 million)
9. Whitepages (18 million
10. Fotolog (16 million)
11. 500px (15 million)
12. Armor Games (11 million)
13. BookMate (8 million)
14. CoffeeMeetsBagel (6 million)
15. Artsy (1 million)
16. DataCamp (700,000).

Read more…