FBI Chief Asks Tech Companies to Stop Offering End-to-End Encryption | Motherboard

Sure, we should just open all information to all governments, right? Who needs a warrant? Who needs due process? Because all of those politicians — with their hands in the pockets of special interests — only have the citizens best interests at heart, right? I mean when has our government ever been corrupt and/or morally bankrupt? Actually, today. When has law enforcement ever overreached? Oh, yeah. Every day this year…

Today, FBI Director James Comey thinks tech companies that offer encryption should “change their business model.”
Despite there still being no solid evidence the attackers benefited from or even used encryption (in at least one case, they coordinated via distinctly unencrypted text messages) law enforcement and national security hawks have used the tragedies to continue pressing tech companies to give the US government access to encrypted communications—even if that means rolling back security and changing the nature of their businesses.

Source: FBI Chief Asks Tech Companies to Stop Offering End-to-End Encryption | Motherboard

Get A Glimpse Of The Cyber Threat Landscape For 2016 And Beyond | Hacked

Here’s a rundown of the cyber threat landscape for 2016 and beyond, courtesy of a report from Intel security.
Coming In 2016

The 2016 predictions covers threats from ransomware, infrastructure attacks, attacks on automobile systems and the sale and warehousing of stolen data.

• Hardware: Attacks on hardware and firmware will continue while the market for the tools that facilitate them will increase. System firmware toolkits could target virtual machines.

• Ransomware: Ransomware is a growing threat that could anonymize payment methods and networks. More inexperienced cybercriminals will use ransomware-as-a-service.

• Wearables: Most wearable devices store only small amounts of information, but cybercriminals could target them to undermine the smartphones that manage them. The industry will have to protect attack surfaces like networking and wi-fi software, operating system kernels, memory, user interfaces, storage systems and local files, web apps, virtual machines and security and access control software.

• Employee systems: Attackers are likely to target organizations through their employees, including their home security systems, to access corporate networks. Organizations will have to stay vigilant by implementing new security technologies, create effective policies and hire experienced people.

• Cloud services: Attackers could exploit vulnerable security policies that protect cloud services. These services could undermine business strategy, financials, portfolio strategies, next-generation innovations, employee data, acquisition and divestiture plans, and other data.

• Automobiles: Connected automobile systems that lack security capabilities will be potential scenarios for exploitation. Automakers and IT vendors will partner to provide standards and solutions to protect attack surfaces like engine and transmission engine control units (ECUs), remote key systems, advanced driver assistance system ECUs, passive keyless entry, USBs, OBD IIs, V2X receiver, smartphone access and remote link type apps.

• Warehouses of stolen data: The dark market for stolen, personally-identifiable information and user names and passwords will increase in 2016. Big data warehouses that link together stolen, personally-identifiable information sets make combined records more valuable to attackers.

• Integrity attacks: Selective compromises to systems and data mark one of the most significant new attack vectors. Such attacks seize and modify transactions or data to favor perpetrators. An attacker can change direct deposit settings for a victim’s paychecks and direct the deposit to a different account. Cyber thieves could steal millions of dollars in an integrity attack in the financial sector in 2016, McAfee Labs predicts.

• Sharing threat intelligence: Enterprises and security vendors will increasingly share intelligence. Legislative action could allow governments and companies to share threat intelligence. Best practices in this area will increase, allowing success metrics to emerge and quantify protection improvement. Threat intelligence cooperatives among vendors will grow.

Source: andscape For 2016 And Beyond | Hacked

FBI admits it uses stingrays, zero-day exploits | Ars Technica

FBI admits it uses stingrays, zero-day exploits

Yeah, these are the guys that want to put an end to encryption because: criminals. But without the ability to protect oneself, everyone is subject to these invasions. As a note, others have gone to jail (almost forever) for doing what the FBI is doing. How is their bending of the law any different than those in prison?

stingrays generally intercept all cell phone communications in a given area, not just those of a drug or kidnapping suspect. Paying large sums of money to buy zero-days, meanwhile, creates powerful incentives for governments to keep the underlying vulnerabilities secret

Source: FBI admits it uses stingrays, zero-day exploits | Ars Technica