By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Representatives from top tech companies, including Google, Microsoft, and Twitter, met at Facebook’s headquarters on Wednesday with government officials to discuss security ahead of the 2020 election, according to a recent report. According to Reuters, Facebook said the companies and government agencies were working together to develop strategies to block previous weaknesses and avoid future threats with the first primary just five months away. The meeting at Facebook’s Menlo Park, California, offices involved officials from the Department of Homeland Security, the Federal Bureau of Investigation and the Office of the Director of National Intelligence, Bloomberg first reported. Richard Salgado, Google's Director of Law Enforcement and Information Security, told FOX Business that collaboration with law enforcement and other tech companies is key to protect election integrity in the U.S. "At Google, we've invested in robust systems to detect phishing and hacking attempts, identify foreign interference on our platforms, and protect campaigns from digital attacks. But technology is only part of the solution," Salgado told FOX Business in an emailed statement. An anonymous source told Bloomberg about the private, full day of meetings focused on how tech companies are preparing security measures ahead of the 2020 election to prevent against similar disinformation campaigns that were led by Russians organized during the 2016 election cycle. The companies also discussed how they would work with government agencies to keep their sites secure. Representatives from Microsoft and Twitter confirmed to FOX Business that the companies both participated in the talks. The Twitter spokesperson also said the company is “committed to doing our part,” in regard to maintaining the integrity of its site during the 2020 presidential election. For more turn to OUR FORUM.

Exploit reseller Zerodium on Tuesday announced higher going rates for Android vulnerabilities, with the firm now paying out up to $2.5 million for so-called zero-click zero-days, reports Motherboard. As the value of Android exploits increases, the market health of zero-days designed to thwart iOS protections stagnates due to what can be characterized as a supply glut. Zerodium, for example, pays out $2 million for zero-click vectors targeting iPhone, and decreased payouts for one-click attacks from $1.5 million to $1 million, the report said.  Zero-click exploits refer to vulnerabilities that can be leveraged to hack a device without user interaction, while zero-days are defined as bugs, exploits and other flaws that are as yet unknown to platform operators. Zero-days are particularly prized assets for hackers — both lawful and nefarious — looking to break into locked-down devices like iPhone. "The zero-day market is flooded by iOS exploits, mostly Safari and iMessage chains, mainly due [to] a lot of security researchers have turned their focus into full-time iOS exploitation," said Zerodium founder Chaouki Bekrar. "They've absolutely destroyed iOS security and mitigations. There are so many iOS exploits that we're starting to refuse some of them."  The director of the exploit buyer Crowdfense, Andrea Zapparoli Manzoni, agrees with Bekrar's assessment of the market, but notes, not all iOS chains are "intelligence-grade." Still, it appears the supply of vulnerabilities more than sates demand.  Bekrar added that Android is becoming increasingly difficult to crack, in part due to fragmentation. The multi-version, multi-device nature of Google's operating system has long been considered a weakness in terms of consistency and stability, but it is this very "feature" that might prove useful in protecting against widespread attack, the report said. "Learn more at OUR FORUM.

Searching for textbooks and essays in electronic form on the Internet exposes students to a wide range of malicious attacks as Kaspersky Lab researchers found after analyzing data gathered over the past academic year. With the back to school season in full force and everyone looking around for the best possible price, some will end up trying their chances on the web instead of paying for educational materials out of their pocket. While this might look like a bargain at first, it also comes with a lot of dangers seeing that attackers will try their best to infect your computer with malware downloaders that can download and execute banking Trojans and ransomware or with worms capable of quickly spreading to all your contacts and all devices on your network. After taking a closer look at attacks using malicious documents with educational-related filenames and directed at Kaspersky users, the researchers discovered that threat actors targeted potential victims from the educational field over 356,000 times in total over the past academic year. "Of these, 233,000 cases were malicious essays that were downloaded to computers owned by more than 74,000 people and that our solutions managed to block," found Kaspersky. "About a third of those files were textbooks: we detected 122,000 attacks by malware that was disguised as textbooks. More than 30,000 users tried to open these files." While the MediaGet downloader will only download and install an unneeded torrent client, the two other downloaders are capable of dropping a huge range of malware strains on the victims' computers including but not limited to adware, crypto miners, spyware, banking Trojans, and, in the most serious cases, ransomware capable encrypting all their data. Stalk, on the other hand, a worm Kaspersky detects as Worm.Win32.Stalk.a also use spam emails to reach its victims' computers and will immediately attempt to infect any connected USB flash devices and as many devices on the same network as possible. In-depth details are posted on OUR FORUM.