The Tor Project, a private non-profit that underpins the dark web and enjoys cult status among privacy activists, is almost 100% funded by the US government.

Source: surveillancevalley.com

…

The animation, which Putin presented as part of the Russian president’s annual state-of-the-union-style address, features five weapons. The Samrat intercontinental ballistic missile, the Project 4202 hypersonic glide vehicle, a long-range torpedo and the Kinzhal air-to-surface missile have all been in development for years. And the United States is developing, or already possesses, rough analogues to each.

Source: vice.com

…

Two weeks ago, in a little-noticed presentation at the Offensive Con security conference in Berlin, security researchers Markus Vervier and Michele Orrù detailed a method that exploits a new and obscure feature of Google’s Chrome browser to potentially bypass the account protections of any victim using the Yubikey Neo, one of the most popular of the so-called Universal Two-Factor, or U2F, tokens that security experts recommend as the strongest form of protection against phishing attacks.

…

The US Securities and Exchange Commission (SEC) has issued ‘dozens’ of subpoenas and information requests from companies seeking to jump on the cryptocurrency craze through Initial Coin Offerings (ICOs).

Source: zdnet.com

…

Researchers have discovered an advertising network which has figured out a way to bypass ad blocking software in order to serve website visitors with cryptojacking scripts.

Source: zdnet.com

…

This paper presents a detailed and up-to-date security analysis of the voting software used in Brazilian elections. It is based on results obtained by the authors in a recent hacking challenge organized by the Superior Electoral Court (SEC), the national electoral authority. Duri…

Source: researchgate.net

…

Over the past five months, Camp has been sketching out plans for a brand new cryptocurrency that aims to fix technical and other challenges plaguing existing projects, such as Bitcoin and Ethereum. His hope, he told Fortune, is to resuscitate virtual currency’s original promise: an instant, affordable, and borderless means of payment for the masses.

Source: fortune.com

…

I’ve had a Tobii Eye Tracker sitting among a pile of PC peripherals that I want to cover or give away for a year now. I hate when this happens, but time and sanity is limited. But something came over me this week, and I finally did the work to plug in the eye-tracking device and set it up … and now I’m scared.

…

Attackers have generated $3,900 so far in an ongoing campaign that’s exploiting the popular rTorrent application to install currency-mining software on computers running Unix-like operating systems, researchers said Thursday.

Source: arstechnica.com

…

FinFisher is such a complex piece of malware that, like other researchers, we had to devise special methods to crack it. We needed to do this to understand the techniques FinFisher uses to compromise and persist on a machine, and to validate the effectiveness of Office 365 ATP detonation sandbox, Windows Defender Advanced Threat Protection (Windows Defender ATP) generic detections, and other Microsoft security solutions.

…

In this demo, we will dump user data without reading it. If you translate the code into Javascript, you could dump IE browser data.

Source: github.com

…

When someone goes to the lengths of making counterfeits of your products, it’s at least a sign you’re doing something right. And it deserves a minute of flatter

Source: elevationlab.com

…

In his State of the Nation speech today, Russian president Vladimir Putin showed computer animations and videos demonstrating three new classes of strategic weapons under development that are specifically intended to defeat the United States’ ballistic missile defenses. Among them were two weapons powered by miniaturized nuclear reactors: a drone submarine ‘torpedo’ previously revealed in a Russian news leak and a cruise ‘missile’ drone with what Putin described as a virtually unlimited range. The third was a new non-ballistic, hypersonic ICBM capable of evading US missile interceptors.

…

Over last couple of days we’ve seen a big increase in an obscure amplification attack vector – using the memcached protocol, coming from UDP port 11211. In the past, we have talked a lot about amplification attacks happening on the internet.

Source: cloudflare.com

…

At 17:28 GMT, February 28th, Akamai experienced a 1.3 Tbps DDoS attack against one of our customers, a software development company, driven by memcached reflection. This attack was the largest attack seen to date by Akamai, more than twice the size of the September, 2016 attacks that announced the Mirai botnet and possibly the largest DDoS attack publicly disclosed. Because of memcached reflection capabilities, it is highly likely that this record attack will not be the biggest for long.

…

Just when you thought the Equifax clustermuck couldn’t get any muckier, the credit broker found another 2.4 million Americans affected by its 2017 breach.

Source: sophos.com

…

The “SIGINT Seniors” is a spy agency coalition that meets annually to collaborate on global security issues. It has two divisions, each focusing on different parts of the world: SIGINT Seniors Europe and SIGINT Seniors Pacific. Both are led by the U.S. National Security Agency, and together they include representatives from at least 17 other countries.

Members of the group are from spy agencies that eavesdrop on communications – a practice known as “signals intelligence,” or SIGINT.

…

Behind an abandoned military facility 40 miles northwest of Oslo, Norway built a surveillance base in close collaboration with the National Security Agency. Its bright, white satellite dishes, some of them 60 feet in diameter, stand out against the backdrop of pine-covered hills and red-roofed buildings that scatter the area.

Source: theintercept.com

…

On Wednesday, at about 12:15 pm ET, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to date—and it used an increasingly popular DDoS method, no botnet required.

Source: wired.com

…

On Wednesday, February 28, 2018 GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to a distributed denial-of-service (DDoS) attack. We understand how much you rely on GitHub and we know the availability of our service is of critical importance to our users. To note, at no point was the confidentiality or integrity of your data at risk.

…