You might think that the kind of tech heads who attend CES and Mobile World Congress have a clue about security. Avast set up an experiment to prove that’s not necessarily the case. How did they do it? By setting up a rogue wireless access point and broadcasting SSIDs like Starbucks, Airport_Free_Wifi_AENA, and MWC Free →
An analysis by researchers at Bastille Networks indicates that your wireless mouse might provide an attacker with a route to get malware onto your machine, provided they’re within about 100 meters. They’ve dubbed this vulnerability “Mousejack.” The researchers tested many mice from manufacturers like Logitech, Dell, and Lenovo that operate over 2.4GHz wireless communications. This →
http://dankaminsky.com/2016/02/20/skeleton/ Long article on this week’s glibc DNS security flaw. Posted from WordPress for Android →
Modern, Secure, Salted Password Hashing Made Simple https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016 Posted from WordPress for Android →
http://inktankmedia.fi/demystifying-the-darknet/ Posted from WordPress for Android →
Various law enforcement agencies have decried how strong encryption makes the Web “go dark,” i.e. it stymies their ability to peruse the Matrix unfettered in search of bad guys and their nefarious intentions. At the same time that authorities are seeking to enhance their digital surveillance powers, privacy advocates are pushing for more default encryption →
After a two-year campaign from the FBI, U.S. intelligence officials, and powerful politicians calling for backdoor access into Americans’ encrypted data, a new Harvard study argues that encryption is a worldwide technology that the United States cannot regulate and control on its own. The point of the research is clear: There’s a whole world of →
A stack-based critical buffer overflow was found in the way the libresolv library (glibc) performed dual A/AAAA DNS queries. A remote attacker could crash or, potentially, execute code running the library on Linux. How do I patch and protect my server or workstation against the glibc getaddrinfo on Linux operating system? http://www.cyberciti.biz/faq/linux-patch-cve-2015-7547-glibc-getaddrinfo-stack-based-buffer-overflow/ Posted from WordPress →
A new documentary on “Stuxnet”, the joint U.S.-Israeli attack on Iran’s nuclear program, reveals it was just a small part of a much bigger cyber operation against the nation’s military and civilian infrastructure under the code name “NITRO ZEUS”. http://www.buzzfeed.com/jamesball/us-hacked-into-irans-critical-civilian-infrastructure-for-ma#.lgV7VGmGm Posted from WordPress for Android →
I saw this morning a notice from my local information security authority titled “GNU C -kirjastosta (glibc) löydetty vakava haavoittuvuus“. It tells that February also this year brought another nasty security issue on glibc library (last year’s vulnerability was GHOST). It is a Critical glibc (GNU C library) security issue that needs a bug fix →