Cybersecurity

http://dankaminsky.com/2016/02/20/skeleton/ Long article on this week’s glibc DNS security flaw. Posted from WordPress for Android →

Modern, Secure, Salted Password Hashing Made Simple https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016 Posted from WordPress for Android →

http://inktankmedia.fi/demystifying-the-darknet/ Posted from WordPress for Android →

Various law enforcement agencies have decried how strong encryption makes the Web “go dark,” i.e. it stymies their ability to peruse the Matrix unfettered in search of bad guys and their nefarious intentions. At the same time that authorities are seeking to enhance their digital surveillance powers, privacy advocates are pushing for more default encryption →

After a two-year campaign from the FBI, U.S. intelligence officials, and powerful politicians calling for backdoor access into Americans’ encrypted data, a new Harvard study argues that encryption is a worldwide technology that the United States cannot regulate and control on its own. The point of the research is clear: There’s a whole world of →

A stack-based critical buffer overflow was found in the way the libresolv library (glibc) performed dual A/AAAA DNS queries. A remote attacker could crash or, potentially, execute code running the library on Linux. How do I patch and protect my server or workstation against the glibc getaddrinfo on Linux operating system? http://www.cyberciti.biz/faq/linux-patch-cve-2015-7547-glibc-getaddrinfo-stack-based-buffer-overflow/ Posted from WordPress →

A new documentary on “Stuxnet”, the joint U.S.-Israeli attack on Iran’s nuclear program, reveals it was just a small part of a much bigger cyber operation against the nation’s military and civilian infrastructure under the code name “NITRO ZEUS”. http://www.buzzfeed.com/jamesball/us-hacked-into-irans-critical-civilian-infrastructure-for-ma#.lgV7VGmGm Posted from WordPress for Android →

I saw this morning a notice from my local information security authority titled “GNU C -kirjastosta (glibc) löydetty vakava haavoittuvuus“. It tells that February also this year brought another nasty security issue on glibc library (last year’s vulnerability was GHOST). It is a Critical glibc (GNU C library) security issue that needs a bug fix →

https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/ Posted from WordPress for Android →

The current situation in European Cyber Security This almost two hour long video is a part of Aalto University Kyberturvallisuus koskettaa meitä jokaista public lecture series: The current situation in European Cyber Security. This session was held at 9.2.2016 at Department of Communications and Networking. Speakers are Steve Purser (the Head of ENISA Core Operations Department) →