Cybersecurity

http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/ New attack against HTTPS. →

http://securityaffairs.co/wordpress/47179/hacking/hacking-ss7-protocol.html This article shows how to abuse SS7 to hack SMS authentication. →

http://fortune.com/2016/08/02/telegram-hackers-iran/ The use of SMS verification seems to be the weak link here. The SMS messages are not secure enough. →

https://www.theguardian.com/technology/2016/aug/02/battery-status-indicators-tracking-online New web APIs give new unexpected ways to track users… →

http://www.zdnet.com/article/how-hackers-can-make-virtually-any-person-click-on-a-dangerous-link/ Humans are a weak link in security that can’t be properly fixed with training. →

http://nbr.com/2016/07/25/heres-what-your-personal-data-is-going-for-on-the-dark-web/#.V58SAWOXxwE.linkedin How much does your personal data cost in dark web market? →

http://mobile.eweek.com/security/black-hat-usa-and-defcon-finding-security-risks-in-all-the-things.html There is no such thing as security by obscurity – flaws will be revealed. →

https://www.wired.com/2016/07/meet-moxie-marlinspike-anarchist-bringing-encryption-us/ Designer of Signal app and encryption used by WhatsApp. →

http://www.darkreading.com/vulnerabilities—threats/kpmg-study-breaches-up-security-spending-down/d/d-id/1326415 →

http://www.zdnet.com/article/nist-blog-clarifies-sms-deprecation-in-wake-of-media-tailspin/ NIST wants two-factor-authentication to be widely used – but does not want SMS to be a factor in this. There are good reasons for both recommendations. →