IBM started a beta program with 40 companies where Watson will be assisting in cyber security. It will match incoming attacks with known current malware campaigns to provide useful background information, and monitor security events like incorrect login attempts.
After a four-year cooperation between Europol, the FBI and other parties, the Avalanche botnet was taken down. It controlled over 500.000 machines, used over 800.000 unique domains and at its peak hosted and distributed 17 different malware packages.
Google is announcing OSS-Fuzz, a continuous fuzzing engine which will be used to harden select open source projects against errors like buffer overflows. It currently churns out about 4 trillion test cases per week and has already found 150 bugs in various projects. To be eligible for the beta the open source project needs to have a large user base and/or be critical to the global IT infrastructure.
The "USB Killer" is a USB stick with the ability to collect power from USB power lines, and use it to zap the USB port with 220 volts, usually killing the device it's connected to. Here you see it killing a Lenovo laptop, XBox One S, PS4 and the dashboard of a car.
With 20 minutes of sample data, they can make 'you' say anything in your own voice. I wonder what the impact on court cases will be. Fortunately, they do also say that they are working hard on making the use of it detectable by watermarking.
When combined with facial reenactment technology I imagine the possibilities will be, well, scary.
This article is a great resource to send to your coworkers, or at least use it as a checklist on what to harass them with in order to get their security on par. You might want to check if you do all of the mentioned security steps, too.
According to research by Valimail, of all the companies trying to implement DKIM only about 25% are successfully enforcing it. Some obvious reasons are the complex nature of DKIM/SPF/DMARC, and the high impact in case you get something wrong.
There is an exploit that will trigger your browser to send its IP address to an external server, which isn't great if you're using Tor and want to stay anonymous.
If you use AirDroid, a remote management tool for Android, you might want to uninstall or disable it for now. Although it does require the attacker to be on the same unsecured network as you are.
This might be worth bookmarking. It's a handy tool to perform all kinds of "cyber" operations, like base64 encoding/decoding, various hashing and encrypting algorithms, and more. Fun to play around with.