Security, Spoken

Android's recently released Oreo update packs in plenty of features, including a battery life boost and a notifications rethink. But Oreo's most important improvements will happen behind the scenes, with a host of security updates designed to evolve with ever-expanding digital threats. From halting ransomware to blocking malicious apps and easing Android's longstanding fragmentation woes, Oreo tackles some big problems. Learn about your ad choices: dovetail.prx.org/ad-choices

In November of 2015, Will Caput worked for a security firm assigned to a penetration test of a major Mexican restaurant chain, scouring its websites for hackable vulnerabilities. So when 40-year-old Caput took a lunch break, he had beans and guacamole on his mind. He decided to drive to the local branch of the restaurant in Chico, California. While there, still in the mindset of testing the restaurant’s security, he noticed a tray of unactivated gift cards sitting on the counter. Learn about your ad choices: dovetail.prx.org/ad-choices

In the ongoing drama that is the Trump presidency, secondary characters constantly float in and out as new storylines and Special Counsel inquiries come to light. It’s easy to lose track. So to help, let’s get to know some of Trump’s satellites, both new and old, a little better. Let’s take a look at their Amazon.com Wish Lists. In case you're unfamiliar with the feature, when you shop for an item on Amazon, an unobtrusive little button sits under the "Add to Cart" option. Learn about your ad choices: dovetail.prx.org/ad-choices

Early in August, NYU professor Siddharth Garg checked for traffic, and put a yellow Post-it onto a stop sign outside the Brooklyn building in which he works. When he and two colleagues showed a photo of the scene to their road-sign detector software, it was 95 percent sure the stop sign in fact displayed a speed limit. The stunt demonstrated a potential security headache for engineers working with machine learning software. Learn about your ad choices: dovetail.prx.org/ad-choices

Almost exactly five years after seeing the first demonstration of Cody Brocious’ Onity hacking tool, I meet Aaron Cashatt face to face in the fluorescent-lit, cafeteria-style visiting room of the Cibola Unit of the Yuma State Prison Complex. Under his orange jumpsuit he’s bulked up from prison-yard weightlifting and seems clear-eyed and sharp. Learn about your ad choices: dovetail.prx.org/ad-choices

In a refreshing change of pace, this week’s security news included little to no escalation of nuclear rhetoric. Let’s count that as a win! Among quite a few losses. Digital financial services provider Enigma, for instance, lost its supporters almost $500,000 in cryptocurrency thanks to bad password habits. Domestic helper robots lost security cred by being hacked into tiny robotic Chucky dolls. Learn about your ad choices: dovetail.prx.org/ad-choices

The Trickbot malware that targets bank customers. Password harvesters like Mimikatz. "Fileless malware" attacks. All three are popular hacking tools and techniques, but they're unconnected except for one trait: They all rely in part on manipulating a Windows management tool known as PowerShell to carry out their attacks. Long a point of interest for security researchers, PowerShell techniques increasingly pop up in real-world attacks. Learn about your ad choices: dovetail.prx.org/ad-choices

Data breaches and hacks of US government networks, once novel and shocking, have become a problematic fact of life over the last few years. So it makes sense that a cybersecurity analysis released today placed the government at 16 out of 18 in a ranking of industries, ahead of only telecommunications and educations. Healthcare, transportation, financial services, retail, and pretty much everything else ranked above it. Learn about your ad choices: dovetail.prx.org/ad-choices

Learn about your ad choices: dovetail.prx.org/ad-choices

The digital financial services developer Enigma prides itself on ultra-secure products. The company's Catalyst platform protects financial info with a cutting-edge combination of blockchain-inspired privacy technology and cryptography. So it comes as no small surprise that on Monday, scammers took over the company's website, mailing lists, and Slack accounts by exploiting some extremely basic security mistakes Enigma had made. Learn about your ad choices: dovetail.prx.org/ad-choices