De Fraudehelpdesk en de overheid waarschuwen voor bedrieglijk echt lijkende e-mails van MijnOverheid, waarmee de verzender probeert de DigiD-gegevens van ontvangers te ontfutselen.

In de mail staat dat dat de ontvanger een bericht "van de Belastingdienst in uw Berichtenbox op MijnOverheid" heeft. Het e-mailbericht lijkt betrouwbaar, omdat het potentiële slachtoffer in de aanhef met voor- en achternaam wordt genoemd.

In werkelijkheid leidt een link in de e-mail naar een nepwebsite met een aanmeldscherm van DigiD. MijnOverheid maakt op de website duidelijk dat het om een phishingmail gaat. "Deze e-mail is een goede imitatie van berichten die daadwerkelijk vanuit MijnOverheid worden verstuurd", waarschuwt de Fraudehelpdesk.

Intel has, for now, no plans to specifically address a side-channel vulnerability in its processors that can be potentially exploited by malware to extract encryption keys and other sensitive info from applications.

A team of researchers at the Systems and Network Security Group at Vrije Universiteit Amsterdam, in the Netherlands, say they were able to leverage the security weakness to extract crypto keys from another running program in 99.8 of tests on an Intel Skylake Core i7-6700K desktop CPU; 98.2 percent of tests on an Intel Broadwell Xeon E5-2620 v4 server CPU; and 99.8 per cent of tests on a Coffeelake part.

Their code was able to lift a secret 256-bit key, used to cryptographically sign data, from another program while it performed a signing operation with libgcrypt’s Curve 25519 EdDSA implementation.

Researchers at Black Hat USA will show how vulnerabilities in Microsoft's Cortana highlight the need to balance security with convenience.

Security vs. convenience is a delicate balance to strike with new technology designed to make our lives easier. Vulnerabilities in voice assistants like Microsoft's Cortana and Amazon's Alexa are perfect examples of how the rush to simplify can cause complicated problems down the road.

Consider Cortana, which is enabled by default in Windows 10. Cortana was built to facilitate vocal interaction with laptops, desktops, smartphones, and IoT devices running Microsoft's newest OS, and it's becoming more common in the enterprise as organizations deploy Windows 10 across their environments.

Lloyds’ banking app crashed on Saturday (23 June) leaving customers unable to log in. On Twitter, users complained or seemed baffled by the situation:

“Anyone having an issue with Lloyds Online Banking / App it is saying it can’t show my account information and that my balance is N/A.” “Anyone else not able to get on Lloyds banking?”

A Lloyds spokesperson said: “We are aware that some of our customers have experienced intermittent problems logging on to their online banking this morning [23 June]. “We are working to resolve the issue as quickly as possible, and apologise for any inconvenience caused.”

A new exploit of a known vulnerability gives an attacker control of the Drupal-hosting server.

A newly discovered vulnerability in Drupal has been exploited to turn infected systems into Monero mining bots. Worse, the vulnerability could easily be exploited to do far more than simply steal resources and performance.

Researchers from the Trend Micro Smart Home Network and IoT Reputation Service Teams found the exploits of CVE-2018-7602, a remote code execution vulnerability in Drupal 7 and 8. While the vulnerability was patched on April 25, 2018, many users have yet to move to the current version, leaving an unknown number of Drupal-based websites vulnerable.

The U.S. Supreme Court today ruled that access to historical cell-site records of a person's location based on their mobile phone will require law enforcement to obtain a warrant before searching a person's historical location records.

This is the first time the high court has ruled on whether a phone subscriber has a legitimate expectation of privacy regarding a telephone company's records of their cellphone location data, according to Aloke Chakravarty, a partner in the Denver-based law firm of Snell & Wilmer.

"This is a landmark case for privacy, and how the court will deal with emerging technologies going forward," Chakravarty said via email. "It creates a new lens through which to view a government's ability to obtain third-party records where a criminal defendant neither possesses the records, doesn't have a property interest in them, may not even know they exist, and he cannot personally even access them."

The people who called into the help hotlines and domestic violence shelters said they felt as if they were going crazy.

One woman had turned on her air-conditioner, but said it then switched off without her touching it. Another said the code numbers of the digital lock at her front door changed every day and she could not figure out why. Still another told an abuse help line that she kept hearing the doorbell ring, but no one was there.

Their stories are part of a new pattern of behavior in domestic abuse cases tied to the rise of smart home technology. Internet-connected locks, speakers, thermostats, lights and cameras that have been marketed as the newest conveniences are now also being used as a means for harassment, monitoring, revenge and control.

Microsoft is hoping blockchain will make it easier to keep track of who is owed royalties for their contribution to games.

The software vendor teamed up with EY to create the solution, which is built on the Quorum blockchain protocol and “Microsoft's Azure cloud infrastructure and blockchain technologies”.

Quorum itself is an enterprise-focused modification of the core software behind Ethereum. It is being led by JP Morgan.