background preloader

Security

Facebook Twitter

Encryption

PhoneSecurity. Heartbleed. Internet Explorer. UK new cyber security website. End of WinXP support. Huawei. UK established permanent cybersexurity team. Computer security. Password security. Internet of things. A safe, secure online space. Online trust and security are often in the news these days.

A safe, secure online space

Free Remote Control, Remote Access & Online Meetings. The Silver Lining Of The NSA Scandal. It’s hard to imagine an organization of any kind having to deal with the level of backlash the NSA has had to since the spring of 2013.

The Silver Lining Of The NSA Scandal

Between revelations about backdoor links into Internet giants like Google and Yahoo to the mass data collection program known as PRISM, and, more recently, spying via gaming platforms such as Second Life and World of Warcraft, it’s understandable that a majority of the public—68% according to recent polls—believe the NSA violates the privacy of some Americans with its intelligence-gathering techniques. The public outcry may be warranted, as Bruce Schneier has well documented, and many concerns related to these egregious (and likely unconstitutional) privacy and security violations certainly need to be addressed. But the truth is that for enterprise security folks, the threat to our privacy and data is not the NSA. IT Pro Q2 Report : Is Big Brother watching you? - IT Pro White Paper Library. Snowden social-engineered co-workers to share their passwords.

Posted on 11 November 2013.

Snowden social-engineered co-workers to share their passwords

The revelations stemming from the documents exfiltrated by former NSA contractor Edward Snowden have changed the way we look at many things, but the details that have been trickling out about the way he went about getting access to those documents have also shown us how serious the insider threat can be. According to a report by Reuters based on disclosures from unnamed sources within the government, Snowden misused his status as a systems administrator to convince 20 to 25 NSA employees and his colleagues at the NSA regional operations center in Hawaii to hand over their login details for internal agency systems and networks.

Tim Berners-Lee: encryption cracking by spy agencies 'appalling and foolish' Sir Tim Berners-Lee, the computer scientist who created the world wide web, has called for a "full and frank public debate" over internet surveillance by the National Security Agency and its British counterpart, GCHQ, warning that the system of checks and balances to oversee the agencies has failed. Citigroup Acknowledges Massive Data Breach. FDA asks hackers to expose holes in medical devices, but many researchers fear CFAA & jail. With back-to-back hacker conferences about to kick off in Las Vegas, it’s an extremely exciting time for people interested in security and interested in insecurity by knowing what exactly can be done via hacking.

FDA asks hackers to expose holes in medical devices, but many researchers fear CFAA & jail

Black Hat USA, which normally has 80-90 talks, will feature a record-breaking number of 110 talks this year. SC Magazine wrote about how the fear of being sued or worse—going to prison—makes some security researchers edgy about disclosing vulnerabilities. And every year after Black Hat and Def Con, some red-faced company whose product was hacked will point fingers and make nasty accusations. Security Research Labs. SIM cards are the de facto trust anchor of mobile devices worldwide.

Security Research Labs

The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets. With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.

Cracking SIM update keys. Sim Card Cloning Hack affect 750 millions users around the world. SIM cards are among the most widely-deployed computing platforms with over 7 billion cards in active use.

Sim Card Cloning Hack affect 750 millions users around the world

Cracking SIM cards has long been the Holy Grail of hackers because the tiny devices are located in phones and allow operators to identify and authenticate subscribers as they use networks. A German cryptographer Karsten Nohl, the founder of Security Research Labs claims to have found encryption and software flaws that could affect millions of SIM cards, and allows hackers to remotely gain control of and also clone certain mobile SIM cards.

The Tweeted Times - personal newspaper generated from your Twitter account. YouTube. Zero-day attacks are meaner, more rampant than we ever thought. Computer attacks that target undisclosed vulnerabilities are more common and last longer than many security researchers previously thought.

Zero-day attacks are meaner, more rampant than we ever thought

The finding comes from a new study that tracked the number and duration of so-called zero-day exploits over three years. The typical zero-day attack, by definition, exploits software flaws before they are publicly disclosed. It lasts on average 312 days, with some lasting as long as two and a half years, according to the study by researchers from antivirus provider Symantec. Of the 18 zero-day attacks the researchers found between 2008 and 2011, 11 of them previously went undetected.

Recent revelations that the Stuxnet malware that sabotaged Iranian nuclear facilities relied on five zero days already underscored the threat posed by such attacks. Apple Warns Customers to be Cautious of SMS After 'Flaw' Cited. Apple has a message for texters: Don't trust SMS.

Apple Warns Customers to be Cautious of SMS After 'Flaw' Cited

The consumer electronics heavyweight has advised iPhone users concerned about secure messaging to use the company's iMessage service instead of their carrier's SMS network. While SMS is a relatively mature technology, in recent years it has attracted the interest of security researchers as an attack vector for smartphones. Apple made its recommendation in a statement Saturday after a well-known iPhone jailbreaking artist explained in a posting on the Internet how a "flaw" in Apple's implementation of SMS in its mobile operating system, iOS, could be used to spoof SMS messages. The flaw is in all versions of iOS, including the latest beta of the next release of the operating system, version 6.0, beta 4, according to the security researcher known as pod2g. Tips to keep kids safe online.

Malware is just a step-away when children click on games, free shoes, Justin Bieber videos or gift cards offered on social networks.

Tips to keep kids safe online

Hackers use social engineering techniques to exploit kids’ curiosity and easily convince them to click on appealing surveys and videos. These may expose computers to malware, which grabs sensitive information and sends it to a remote machine controlled by cyber criminals. Kids could also be lured to click on a malware-infected link if they try to install applications to check out their profile or photo visitors. With children keeping in touch with friends they rarely see over the school holidays, activity on Facebook, Twitter and other social networks increases. What Does Skype's Architecture Do? In the last few days we have seen reports in the media we believe are inaccurate and could mislead the Skype community about our approach to user security and privacy.

What Does Skype's Architecture Do?

I want to clear this up. At Skype, we continue to be humbled and grateful for the commitment to our product that we see from our truly global user community. We focus every day on building the best possible product for sharing experiences whenever people are apart. I Know What You Tweeted Last Summer... I Know What You Tweeted Last Summer... And All the Way Back to 2008 We have mentioned before that Twitter will send every tweet to the National Archives and the Library of Congress, so watch what you tweet. 6.5 Million LinkedIn Passwords Reportedly Leaked, LinkedIn Is “Looking Into” It. If you’re a LinkedIn user, do yourself a favor and change your password right now — according to a new report from Dagens IT, nearly 6.5 million encrypted LinkedIn passwords were recently dumped onto a Russian hacker forum. The news comes right on the heels of yet another user security kerfuffle, as the most recent LinkedIn for iOS update was found to transmit users’ meeting notes back to LinkedIn servers without their permission.

Of the millions of passwords dumped, Dagen IT claims that nearly 300,000 of them have been decrypted so far and that number seems sure to grow as users spread that hefty file around. Romanian authorities dismantle hacker group targeting government websites. IDG News Service - Twelve individuals were detained by Romanian authorities on Tuesday, suspected of being members of a cybercriminal group that hacked into the websites of various Romanian and foreign public institutions and government agencies.

Lawmaker wants to clarify Pentagon’s authority for cyber operations - Defense - Nextgov. Ex-TSA Chief Calls Airport Security Screenings 90 Percent "Clutter" Cocoon and Cocoon+ Now Approved as a Download on Mozilla's Firefox. Hacker exposes 40,000 Credit Cards from Digital Playground. Hacker exposes 40,000 Credit Cards from Digital Playground A new hacking group called The Consortium has hit the scene and their first take down is the porn site Digital Playground deface it and Mirror is available here.

Everything, including credit card information, was stored in plain text. Deutsche Telekom: simko: "Fort Knox" in the Telephone. Telekom offers security for those who work with cell phones.Data and communication protection for business and government.Espionage, sabotage, cyber attacks are real threats. Sopa / pipa - Page 2 - Dynamic Drive Forums. Trendnet home security camera feeds accessible to anyone. FBI will Monitor Social Media using Crawl Application. FBI will Monitor Social Media using Crawl Application The Federal Bureau of Investigation is looking for a better way to spy on Facebook and Twitter users. The Bureau is asking companies to build software that can effectively scan social media online for significant words, phrases and behavior so that agents can respond.A paper posted on the FBI website asks for companies to build programs that will map sentiment and wrongdoing.

Technolog - Facebook scam threatens to delete your account. Hotel booking confirmation emails aim to infect your computer. Watch out! Beware Adobe Software Upgrade Notification – malware attached! Twitter Scam Betrays Users' Lack of Savvy - PCWorld Business Center. National : Facebook, Google face prosecution. Apple Crash Reports Help Hackers to create a jailbreak exploit. Apple Crash Reports Help Hackers to create a jailbreak exploit. HP Printer Hack Video Shows Sensitive Data Tweet Too. Security Job Openings: Jacadis looking for Security Analysts - Secure Value. Documentary: Secret CIA Prisons in Europe. How Do I Securely Wipe a Computer? Researchers Find LinkedIn Spam Downloads Trojan. Researchers from Barracuda Labs have discovered a spam email operation with spoofed headers making the messages appear to be from the professional social network LinkedIn.

BART Police Database Hacked #OpBART.