Week in security with Tony Anscombe

ESET research uncovers a vulnerability in Wi-Fi chips – How to protect yourself against tax refund fraud – Clearview AI suffers a data breach

ESET researchers have published details about KrØØk, a serious vulnerability affecting common Wi-Fi chips used in devices such as smartphones, tablets, laptops, IoT gadgets, Wi-Fi access points and routers. As tax season is in full swing, we outline ways how you can stop identity thieves from stealing your tax refund. The secretive facial recognition company Clearview AI has disclosed a data breach that exposed the list of its customers. All this – and more – on WeLiveSecurity.

Firefox turns on DNS over HTTPS by default for US users

People in other parts of the world also have the option to flip on DNS encryption

Mozilla has begun to roll out DNS over HTTPS (DoH) on its Firefox browser by default for all users in the United States, in a bid to enhance their privacy and security on the web. “The rollout will continue over the next few weeks to confirm no major issues are discovered as this new protocol is enabled for Firefox’s US-based users,” said Mozilla this week.

The Domain Name System (DNS) is central to the internet’s fabric – when you type the name of a website into the address bar of your browser, a DNS server converts the name xyz.com into a numeric address, or to use a term you may be more familiar with, an IP address. However, these requests and replies are sent in clear text, exposing netizens to a host of privacy and security threats.

This is where DoH should come in, since it adds encryption to the process of DNS lookups. “This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit,” said Selena Deckelmann, Vice President for Firefox Desktop Product Development. Other browsers, such as Chrome and Brave, have also started to support DoH.

Not everyone has hopped on the DoH bandwagon, however. In a recent interview for WLS, Internet pioneer Dr. Paul Vixie disputed claims put forward by DoH advocates: “No actual privacy is added by DNS over HTTPS (DoH); that’s a lie that its proponents tell to cover up their real motives. DNS over TLS (DoT) offers the same privacy as DoH, because they both rely on Transport Layer Security (TLS).”

This is not the only concern, as DoH can have negative implications for security as well. With DoH in place, organizations’ security operations center teams may have a hard time identifying malware communication that can masquerade as regular HTTPS traffic on their networks. Fortunately, there are multiple ways to deal with the challenges, and we discussed them in a dedicated article earlier this month.

The DoH option is enabled by default in the United States only. If you’re outside the US and want to activate it, you can do so by navigating to Firefox’s Options menu, scrolling down to Network Settings, clicking on Settings on the right and then scrolling down and ticking the ‘Enable DNS over HTTPS’ checkbox. You can choose between two providers, Cloudflare and NextDNS, that Mozilla considers trusted DNS resolvers.

28 Feb 2020 – 02:39PM

Cyberbullying: How is it different from face‑to‑face bullying?

The digital age has added a whole new dimension to hurtful behavior, and we look at some of the key features that set in-person and online bullying apart

Bullying is an ever-present global problem: it happens in schools, offices and even in homes. The issue has been tackled by law enforcement, school officials, governments, and various non-profit organizations alike. With the advent of digital technology, the problem has extended to the online realm, and cyberbullying has become so pervasive that this term even wormed its way into the Concise Oxford English Dictionary.

As today is International Stand Up to Bullying Day, let’s shed some light on the differences between in-person and online abuse and harassment.


In face-to-face bullying, as the name suggests, you are very aware of who your bully is – or bullies are. Even if they slander you behind your back, they usually make a show of it. On the other hand, cyberbullies have an extra advantage: the internet can provide them with the extra layer of anonymity. The bullies hide behind pseudonyms and obviously unreal profile pictures on public message boards or social media, keeping themselves out of (h)arm’s reach. Since the victims don’t know who their bullies are, it diminishes the chance that the antagonizers will be caught and minimizes their fear of being punished.

A public audience

According to a recent Pew Research study, 59% of US teens have experienced some form of cyberbullying. Unfortunately, the appeal of cyberbullying, besides its anonymity, is ease of access. Bullying someone face-to-face involves the assailant, the victim, and perhaps some bystanders. But, on the internet, bullying can spread like wildfire and it can take many forms, from threatening direct messages to public rumors, and crude photoshop images of the victim. Even worse: more than one bully can join in, setting up a snowball effect on the victim.

Being connected all the time

When it comes to traditional bullying, it’s easier to seek shelter elsewhere, since the act itself depends on physical proximity to the abuser. The same cannot be said about cyberbullying, since you are a target no matter where you are, as long as you are connected … which is rarely avoidable in this digital age. You can go to sleep and wake up to a new slew of threatening messages in your inbox or new rumors circulating about you on the internet. Such incessant bullying may even lead to victims feeling unsafe in the place they should feel safest: their homes.


Online bullies tend to be more detached from their actions, and more importantly from the consequences of their actions, since they don’t have face-to-face interactions with their victims. To put it in simple terms: since they can’t see what their actions are doing to the victims, they tend to feel little or no remorse. This has been documented by the online disinhibition effect. In the case of cyberbullying, it is called toxic disinhibition, and it includes inappropriate or even antisocial behavior such as hostile language or threats. People online can behave differently to how they behave in real life, since they lose their inhibitions and believe that there will be no consequences for their actions.

Online is forever

You may be familiar with the saying “What happens in Vegas stays in Vegas”, which implies the privacy of an event. In the case of the web, what goes there stays there, although it is far from private. Anything that goes on the web may be hard to erase entirely. Unfortunately, this also applies to rumors or images that cyber-bullies may post online and for others to see. In these cases, you can ask the service providers to take the posts down. Facebook, Instagram, Twitter, YouTube and and other major services all have dedicated site sections that will help you with that. There are even companies that specialize in hunting down data and then ask the websites to remove the information or at least make it difficult to find.

What to do if you’re a victim of cyberbullying

Bullying in whatever form is a very sensitive topic, which can be very difficult to broach. It affects everyone regardless of age, race, gender or religion. Although it can make you feel isolated, always remember you’re not alone and there are people who care about you, so don’t be afraid to speak up about your problems and seek help.

Also, remember that it’s not your fault and you did nothing that warrants this kind of behavior. Nobody deserves to be bullied under any circumstances, no matter who they are, how they look or what they believe.

Don’t keep it to yourself; talk to someone you trust. It could be your parents, teachers, boss or even healthcare professionals. They are all here to help you and support you.

Keep the evidence of cyberbullying – print it out, screenshot it, save it however you can. It can be emails, blog posts, social media posts or direct messages; just keep a record of them. You will need proof when reporting the behavior. Report the bullying to the respective services hosting the abuse and, if it is happening in a forum, you can flag the comments. If you’re still at school, it’s important to show the posts to your parents.

The following websites offer not only advice, but also contacts for counseling services:

Further resources:

What is cyberbullying and how to defend against it?
Stop Cyberbullying Day: Advice for victims and witnesses
Cyberbullying: What schools and teachers can do
How to spot if your child is a victim of cyberbullying

To learn more about more dangers faced by children online as well as about how technology can help, head over to the Safer Kids Online platform.

28 Feb 2020 – 11:30AM

Facial recognition company Clearview AI hit by data theft

The startup came under scrutiny after it emerged that it had amassed 3 billion photos from social media for facial recognition software

The controversial facial recognition company Clearview AI has notified its customers that a bad actor had “gained unauthorized access” to its entire client list, which includes some of the most powerful law enforcement agencies in the United States. According to the notification obtained by the Daily Beast, the stolen information included customer names, the user accounts that the customers had set up, and even the number of searches that they ran through the service.

Overall, however, details are sparse about the nature of the incident or how it unfolded.

“Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw, and continue to work to strengthen our security,” Tor Eklund, an attorney representing the company, was quoted as saying.

Interestingly, Clearview AI denied that it had suffered any sort of breach of its own servers. The startup also gave assurances that the bad actors weren’t able to gain access to the search histories of any of the law-enforcement agencies using the system. Apparently, the image database was not accessed, either.

ESET Security Specialist Jake Moore shared his expert opinion on the matter: “Data breaches might be part of life in the 21st century but we need to make sure the severity is kept to a minimum and the data exposed is heavily encrypted. Any data breach is serious and should not be taken lightly. If the data exposed had included faces, it would have taken this to the next level.”

He goes on to emphasize: “Companies which hold extremely sensitive data such as facial identities need to understand they are a higher profile risk and need even more layers of protection to thwart these inevitable attacks.”

Clearview AI has been in the spotlight after the New York Times wrote that the company had scraped over 3 billion images from social media such as Facebook, YouTube, and Twitter. The company received cease-and-desist letters from the affected tech giants, which claimed that Clearview AI had violated their terms of use. The company, which has also been hit with class-action lawsuits by American citizens, seems unruffled by the accusations and argues that it has a First Amendment right to scrape public data.

Facial recognition is a hotly discussed topic, especially due to the underlying privacy concerns and the potential for misuse of the technology. San Francisco, for one, was the first city in the United States to ban its use by law enforcement and local agencies. Meanwhile, the European Union mulled a temporary ban on the use of the technology in public places, but eventually backtracked on the idea.

27 Feb 2020 – 04:01PM

RSA 2020 – Hacking humans

What the human battle against biological viruses can teach us about fighting computer infections – and vice versa

This year at the RSA conference in San Francisco there’s an unspoken unrest about the threat of a rapidly spreading virus. Not a digital one this time, but the oft-demonized coronavirus. It gives us a chance to think about the risks of something bad spreading in a way that’s more palpable, more real, more scary.

And yet, looking at the spread of malware brings to mind several notable parallels:

It never stays home

Wherever a piece of malware starts, there’s no way to know for certain where it will spread. For decades, nations have wrestled with the idea that “hacking back” and deliberately knocking out your opponents’ digital capability will be tidy – one hit and you’re done. That’s never the way it works. Story after story of the collateral damage from a rogue piece of malware showing up in another area of the globe and leveled against an unintended target, is a valuable lesson in what can go wrong.

It’s not as bad as some would think

Splashy headlines aside, it’s amazing the speed with which folks worldwide have collaborated in triage, controlling the spread, educating, damage control after the fact and so on in the physical realm. We’re good at working together to stop badness. Doesn’t matter the area of the world, good people working together can work miracles against the odds. We can overcome, it’s not as bad as you would think.

You can’t hide your head in the sand

It’s understandable why some folks would choose caution against potential physical infirmities, but we’re here at RSA anyway. Why? We’re optimistic that over-zealous panic will yield to calmer, more prepared minds. We can beat this by constructively engaging, and that’s what we’re doing here. Not careless, but thoughtful dialog wins the day.

We will learn something new

Better ways to protect, better ways to defend, better techniques, better understanding all around. Following a bad event is one of the best times to reflect on what went right and what could be better. These learning opportunities and feedback loops can be baked in to lessen the chances of a repeat. While there’s no such thing as a perfect defense, there are always a host of learning moments if we take them.

Our machines are getting better

Digital machines are getting better, faster, and more accurate at detecting, defending and triaging bad events. Mapping the worldwide telemetry of bad events by consuming mountains of data and coming up with educated predictions followed by feedback loops which tune the engine further have enormous benefit, starting with speed. Wrangled by humans, the machines can do the heavy lifting, repetitive jobs that keep us all safer.

No system is perfect. No bad event follows a linear progression, and the outlier events give cause for pause. Still, whether at RSA discussing digital events, or at a health facility somewhere working on the corona virus, our hats are off to you. We need you to continue helping to make us all safer.

27 Feb 2020 – 02:30PM

Did someone file your taxes before you?

With tax season – and tax scams – in full swing, here’s how fraudsters can steal your tax refund, and how you can avoid becoming a victim

Identity theft is estimated to affect nearly 60 million people in the USA; or, considered another way, that is more than 1 in every 6 Americans. Cybercriminals will use any opportunity to monetize the effort they have taken to steal an identity, and at this time of year it’s probably tax identity theft for the purposes of tax refund fraud.

US residents and citizens are required to file taxes with the Internal Revenue Service (IRS); the filing is a summary of their earnings and possible deductions so that tax liabilities and credits can be reconciled. The USA works on a deduction system that reduces tax liability, for example if you own a home the property taxes can be deductible. The list of possible deductibles is extensive and if you are an employee, it normally results in a refund on taxes paid through normal payroll withholding.

Each individual filing taxes in the USA is identified by either a social security number or, in some cases, a unique Tax Identification Number (TIN). A Social Security Number (SSN) is a very common form of identifying an individual in the USA, used by banks, health care providers, government agencies and many other organizations to identify a person. As a result, consumers provide their SSNs to many companies and organizations, which can lead to them being victims if there is a data breach. An example of such a breach is the Equifax incident in 2017 when the personal details of 143 million Americans, including SSNs, were stolen by hackers.

Data breaches are only one mechanism used by the bad actors to glean the needed information. Impersonating either the IRS or another organization such as the Social Security Administration (SSA) promising quick or large refunds, or threatening the removal of benefits, fraudsters can dupe unsuspecting individuals into divulging their personal data through phishing scams by email, robocalls and text messages. This involves attempts to gain the trust of the receiver or even make them feel threatened enough to hand over personal information, giving the cybercriminal enough basic data to file a fraudulent tax return. This results in refunds being issued to the cybercriminal before the legitimate individuals even get the opportunity submit their own tax forms.

The cybercriminal’s target is not only the individual; tax professionals who prepare and file taxes for many clients potentially provide a single place for a cybercriminal to gain all the necessary data to file returns for many individuals. It’s important that good data security practices and technology are in place for both individuals and tax professionals and are reviewed for effectiveness on a frequent basis.

There is good news. The IRS and its partners have implemented numerous mechanisms to detect tax returns potentially involving identity theft; the 2019 tax season showed a 72% decrease in the number of fraudulent tax returns when compared to the previous year. The 193 identity theft filters that the IRS employed identified more than 3 million tax returns, with refunds totaling approximately $14.7 billion, for additional review, resulting in preventing $184.2 million in fraudulent tax refund requests from being issued. The full details can be found in a report drafted by the US Treasury.

The IRS provides advice on its Taxpayer guide to identity theft webpage on how to detect the signs of identity theft, how best to protect against it and what to do if you think you may be a victim. The advice does, of course, include the need for: using up-to-date security software, strong and unique passwords or passphrases, and encryption; avoiding phishing scams; and such like.

Reporting scams to the relevant authorities allows them to ascertain the scale of the issue and potentially track down the perpetrators and bring them to justice. If you think you have received an IRS-related phishing scam, forward it to [email protected]. SSA phishing scams, fraudulent robocalls or texts can be reported through the SSA impostor scam reporting form or the FTC’s complaint assistant.

I published a blogpost on identity theft a few months ago; in an attempt not to sound like a broken record and repeat the IRS, my previous advice is that I suggest considering an additional proactive approach. The next time a person or website requests personal information, ask some questions – do they really need it, how long will they store it, will it be protected, do I trust them to secure it? The collection of personal data is, for some, a business that provides great rewards – as consumers we need to engage in the protection of our identity by being less willing to hand over our data to just about anyone who requests it.

And lastly, the IRS never asks for personal information via email or over the phone, and the SSA never calls to threaten your benefits. Detailed information on how the IRS contacts people can be found at How the IRS contacts tax payers. Additional guidance on phone scams is available on this SSA page.

27 Feb 2020 – 11:30AM

Is bug hunting a viable career choice?

With earnings of top ethical hackers surpassing hundreds of thousands of dollars, some would say yes

Ethical hackers earned nearly US$40 million in bug bounties in 2019, which was almost equal to payouts for all previous years combined, according to the 2020 Hacker Report by bug bounty platform provider HackerOne.

The popularity of white hat hacking as a career is soaring, so much so that, for some, it has become a lucrative career option. The hackers once saw themselves as inhabitants of the darkest recesses of the internet, but times have changed, notes the platform’s fourth annual report.

No fewer than 850 white hats are joining the ranks of the 600,000-strong community on average every day. No wonder since seven bug hunters have already surpassed US$1 million in lifetime earnings from their pursuits, while 13 more hit the US$500,000 mark. A total of 146 bug hunters have earned more than US$100,000, which is almost triple the number of white hats who earned that much in 2018.

Based on a survey published in the report, however, most members of the community consider ethical hacking as a way to supplement their incomes. By contrast, just about 22% of respondents claim that hacking makes up their whole incomes. That is corroborated with 40% of participants stating that they devote 20 hours a week to sleuthing for vulnerabilities, while just 18% consider themselves full-time ethical hackers.

Although white hats want to help organizations, two-thirds of them chose not to report their findings due to a variety of reasons. Four in ten stated that it was due to “threatening legal language” listed on the organization’s website, while one in five said that “companies didn’t have an obvious channel through which to report findings”. In some cases, the companies didn’t respond to bug reports.

“That’s thousands of bugs that have gone unreported, and a significant amount of untapped potential,” notes the report.

The thrill of the challenge remains the biggest motivation for hacking for most, while financial remuneration comes in a close second. But the order switches when it comes to the question of what attracts them to particular bounty programs. The bounties offered are overwhelmingly in first place when white hats choose a company to hack and the challenge or opportunity to learn is the second greatest motivator. Governments lead the way with their progressive approach, by organizing bounty programs, such as identifying vulnerabilities in the digital assets of the US Air Force.

As for the bounties themselves, ethical hackers from the United States earned one-fifth of all the bounties last year, while India was second with a 10% portion of the rewards. Meanwhile, their peers from Austria and Switzerland increased their haul from bounties almost tenfold compared to the previous year and white hats from the APAC region earned 250% more year-on-year.

HackerOne has seen the number of its members almost double in the past year, with most of its users being under the age of 35. Hackers from India were the most productive, accounting for 18% of all the reports submitted in the last year, with US-based white hats submitting 11% of the total.

To date, more than 150,000 software vulnerabilities have been reported through the platform.

26 Feb 2020 – 07:01PM

KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices

ESET researchers uncover a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices

ESET Research has published its latest white paper, KrØØk – CVE-2019-15126: Serious vulnerability deep inside your Wi-Fi encryption. This blogpost summarizes that white paper, authored by researchers Miloš Čermák, Robert Lipovský and Štefan Svorenčík. For more information, readers can also refer to our dedicated webpage.

ESET researchers discovered a previously unknown vulnerability in Wi-Fi chips and named it KrØØk. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. In a successful attack, this allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device.

KrØØk affects devices with Wi-Fi chips by Broadcom and Cypress that haven’t yet been patched. These are the most common Wi-Fi chips used in contemporary Wi-Fi capable devices such as smartphones, tablets, laptops, and IoT gadgets.

Not only client devices but also Wi-Fi access points and routers with Broadcom chips were affected by the vulnerability, thus making many environments with unaffected or already patched client devices vulnerable anyway.

Our tests confirmed that prior to patching, some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to KrØØk. This totaled to over a billion Wi-Fi-capable devices and access points, at a conservative estimate. Further, many other vendors whose products we did not test also use the affected chipsets in their devices.

The vulnerability affects both WPA2-Personal and WPA2-Enterprise protocols, with AES-CCMP encryption.

Kr00k is related to KRACK (Key Reinstallation Attacks), discovered in 2017 by Mathy Vanhoef, but also fundamentally different. In the beginning of our research, we found KrØØk to be one of the possible causes behind the “reinstallation” of an all-zero encryption key, observed in tests for KRACK attacks. This followed our previous findings that Amazon Echo was vulnerable to KRACK.

We responsibly disclosed the vulnerability to chip manufacturers Broadcom and Cypress, who subsequently released updates during an extended disclosure period. We also worked with the Industry Consortium for Advancement of Security on the Internet (ICASI) to ensure that all potentially affected parties – including affected device manufacturers using the vulnerable chips, as well as any other possibly affected chip manufacturers – were aware of KrØØk.

According to our information, patches for devices by major manufacturers have been released by now. To protect yourself, as a user, make sure you have applied the latest available updates to your Wi-Fi-capable devices, including phones, tablets, laptops, IoT devices, and Wi-Fi access points and routers. As a device manufacturer, please inquire about patches for the KrØØk vulnerability directly with your chip manufacturer.

These findings were presented publicly for the first time at the RSA Conference 2020.

Special thanks to our colleagues Juraj Bartko and Martin Kaluznik, who greatly contributed to this research. We’d also like to commend Amazon, Broadcom, and Cypress for their good cooperation on dealing with the reported issues and ICASI for their assistance in informing as many of the impacted vendors as possible.

and 26 Feb 2020 – 03:51PM

Is your phone listening to you?

Do social media listen in on our conversations in order to target us with ads? Or are we just a bit paranoid? A little test might speak a thousand words.

We have all heard that our phones could be listening to our everyday conversations in order to then bombard us with targeted adverts. Is there any truth to the matter, though? Have you ever tested this theory and talked about an obscure product with friends and then waited patiently to see whether an advert for that vacuum sealer or scented colander you mentioned appeared in your social media feeds? If it never came up, you may simply have forgotten about your test. If it did appear, however, then you’d probably have thought that your phone must have been listening to every word and was now invading your privacy.

There has been plenty of discussion about whether social media apps are able to listen in and many people have even noted seeing obscure targeted adverts appear in their feeds after speaking about them in daily conversation. However, this would be illegal in most countries without the user being completely aware of this, let alone difficult for the companies to perform.

So, I decided to find out what Twitter users think about the subject and created a poll asking if people think their phone or apps are listening to them. I received 234 votes, with 80% of people claiming that their phones are listening to them. This is a very interesting outcome, especially when most of my followers and retweets came from the InfoSec community.

Let’s just take a moment to think about if they were able to listen. First, we will need to park the idea that it would be a gigantic scandal in the waiting. Indeed, if it ever came out, the online services involved would be sued to the hills and back, which would possibly take them out of business and never to be seen again.

The numbers

Let’s discuss the sheer volume of data required to listen to our conversations. When recording to audio, general talking would be consumed at around 115 megabytes per hour (15-bit depth, in mono, calculated here). So, for a normal day, let’s say we are awake for about 15 hours on average (not considering your sleep talking and inner thoughts – although that would be interesting!).

However, we don’t all speak the whole day long, so let’s consider only a quarter of that. We are now looking at around 430 megabytes of audio per day per person. There are 800 million people on Instagram so if they recorded our conversations from every one of us on Instagram, they would need to be storing around 344 petabytes (1015 bytes) of data a day. To put that into perspective, there are around 2,500 petabytes (or 2.5 exabytes; 1018 bytes) of data created each day around the world at our current pace. Would social media platforms really be able to process such an amount of data per day even if it were compressed?

The most likely theory is that social media wouldn’t realistically be able to deal with this amount of data pouring in each day, let alone examine it and make use of it. It is far easier to analyze the data of individuals in other ways and to profile them from data that is already online. Such profile building includes: your age (either from the date of birth you have entered or via age-guessing software), your sex, a photo analysis to determine your interests, reading captions and hashtags in posts and the likes you give – even the amount of time you spend on posts that you don’t otherwise engage with.

Their algorithms are then able to determine if you are single, in a job, have children, a pet, own a car, your style of clothing, your hobbies, your future interests …, the list is virtually endless. They are even able to make a well-informed guess as to what your next purchase will be before you have even given it much thought.

The theory surrounding social media listening suggests that if you don’t want to have your conversations monitored, then you must turn off the microphone in the app. You may have noticed that when you turn off the microphone in Instagram, then you aren’t able to post to Stories. This wouldn’t be the end of the world for me, so I decided to test it.

The test: part 1

To try and entice some interesting adverts and make this a serious test, I left my phone’s microphone on for 2 weeks and had very random (and hilarious) clear conversations about 3 random topics which I had not spoken about before:

How I am now a vegan; That I am wanting to purchase some high heels; And I am thinking of building a swimming pool in my back garden.

These are the adverts I actually received on Instagram:

Snowboarding goggles; Waterproof shoes; An electric skateboard; Cough medicine; Gin; VW cars

I didn’t get anything to do with vegan food, high heels or how to build a swimming pool in my back garden which I am gutted about as I would have loved to eat avocado on toast on my inflatable pool whilst wearing a pair of Gucci heels.

Ok, so there was nothing that I had spoken about in my ads, but I was still interested in the ads I receive. It doesn’t take a genius to work out that I am into the products above and likely to buy them at some point. From my Instagram you will quite easily notice that I’m late 30s, married, a family man, into the outdoors and particularly extreme sports.

But then here’s the interesting part. Have I spoken about anything relating to the above list recently? Maybe there is a sound reason for each one being there, so here is my theory for being delivered each advert:

Snowboarding goggles: I have mentioned to

Week in security with Tony Anscombe

Hunting down Linux threats – The implications of DNS encryption for business security – MGM Resorts breach hits millions of people

What are the main threats facing Linux-based systems and how do you hunt down Linux malware? We reached out to ESET malware researcher Marc-Etienne M.Léveillé to get an expert perspective on threats facing Linux. The escalation in Domain Name Service (DNS) attacks has helped raise awareness about challenges associated with DNS security – what does the dawn of the DNS over HTTPS era mean for business security? Meanwhile, the personal information of 10.6 million former guests of MGM Resorts hotels has been leaked online. All this – and more – on WeLiveSecurity.