Devices for the Internet of Things (IoT) and smart home applications are often equipped with older Wi-Fi technology. Some devices even work (exclusively) over the 2.4 GHz band and have problems with 5 GHz. Espressif is now introducing its first SoC for IoT with Wi-Fi 6.
Article
Articles about computers, malicious software and recent computer news.
Netflix advertising – advertisements at Netflix in a cheaper subscription
Netflix is in talks with Google and several other companies about ads on Netflix. A cheaper subscription with advertising should slow down the recent loss of customers.
US warns against active abuse of Dirty Pipe leak in Linux
The US government has issued a warning that attackers are actively exploiting the Dirty Pipe vulnerability in Linux. The vulnerability allows a local user to gain root privileges. Government agencies in the US have been instructed to fix the vulnerability in their systems before May 16.
EFF: Anonymous Twitter Accounts Are Essential for Users
The ability to be anonymous on Twitter is essential for users and an important part of freedom of expression, the EFF believes. The American civil rights movement is concerned that new owner Elon Musk does not fully appreciate the human rights value of pseudonymous speech.
British government discovers new variant of spy malware SparrowDoor
Last year, the UK’s National Cyber Security Center (NCSC) found a variant of the spy malware SparrowDoor on an undisclosed UK network. An analysis of the variant was published today, which can now steal data from the clipboard, among other things. In addition, indicators of compromise and Yara rules have been made available that allow organizations to detect the malware within their own network.
NCSC: logging in with password is the most insecure form of authentication
Logging in with a username and password is the most insecure form of authentication. Organizations that want to better protect their accounts are therefore advised to choose stronger authentication methods, such as two-factor authentication (2FA) and the FIDO2 standard from the FIDO Alliance. This is stated by the National Cyber Security Center (NCSC) in a new fact sheet called “Authenticating adults”.
Homeland Security bug bounty program yields 122 vulnerabilities
The first bug bounty program organized by the US Department of Homeland Security has revealed a total of 122 vulnerabilities, 27 of which have been labeled critical. Last December, Homeland Security launched the “Hack DHS” program. The program consists of three phases. First, a model was developed that other government agencies can also use to strengthen their cyber resilience.