19 hours ago Brinks' Super-Secure Smart Safes: Not So Secure (WIRED)
"Making these safes smart...has actually drastically reduced the security of something that was fairly safe to begin with."
11 hours ago Researchers find vulnerability in Skoda vehicles (SC Magazine)
Researchers at Trend Micro discovered a security flaw in Skoda automobiles that could allow an attacker to spy on vehicle data.
10 hours ago PKI Trust Models: Whom do you trust? (SANS Reading Room)
There has been a substantial amount of attention in the media recently regarding Public Key Infrastructures (PKI). Most often, secure web server exploits and signed malware have generated this attention and have led to the erosion of trust in PKI. Despite this negative media attention, there has been very little detailed discussion of the topic of PKI Trust proliferation and control. PKI is an integral part of our daily lives even though, for the most part, we never notice it. Europe is several years ahead of North America in the ubiquitous deployment of PKI to its citizens, but North America has begun to catch up. This paper covers four major areas including the definition of trust and trust models, implementation of trust, auditing of trust, and managing trust. The paper provides proof of concept tools to allow administrators to understand their current level of PKI trust and techniques to manage trust.
The White House rejected a call Tuesday to pardon Edward Snowden, saying the former intelligence contractor should "be judged by a jury of his peers" for leaking US government secrets.
During a symbolically powerful visit to his father's homeland over the weekend, President Barack Obama praised Kenya's progress while urging the country to protect gay rights. From there, Obama traveled to Ethiopia, where he spoke about the spiraling conflict in South Sudan and al-Shabaab's threat in Somalia.
No Olympics For Boston: Boston Mayor Marty Walsh dealt a fatal blow to the city's controversial 2024 Olympic bid when he refused to sign a contract guaranteeing the costs to host the Games.
Sea turtles don't alter their movements to avoid shark attacks, researchers find, which means sea turtles are tougher than most of us.
1 hour ago Why We Get Defective Power Feeds (IT Toolbox Blogs)
Power defects (or disturbances, interference or transients) can have many causes. Lightning is an obvious source. Lightning does not have to hit power, telephone or data lines directly to affect electronic equipment. The electromagnetic field generat...
The group behind the disastrous Anthem hack is believed to be part of a zero-day sharing network.
19 hours ago Serious Android Flaw: Devices At Risk (InfoRiskToday)
Stagefright Flaw Affects 900M Devices, But Will OEMs Patch?
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
19 hours ago Stagefright Vulnerability in Android Phones (Schneier blog)
The Stagefright vulnerability for Android phones is a bad one. It's exploitable via a text message (details depend on auto downloading of the particular phone), it runs at an elevated privilege (again, the severity depends on the particular phone -- on some phones it's full privilege), and it's trivial to weaponize. Imagine a worm that infects a phone and then immediately sends a copy of itself to everyone on that phone's contact list.
The worst part of this is that it's an Android exploit, so most phones won't be patched anytime soon -- if ever. (The people who discovered the bug alerted Google in April. Google has sent patches to its phone manufacturer partners, but most of them have not sent the patch to Android phone users.)
Researchers perfect technique that profiles people based on unique keystroke traits.
Stagefright is a nasty potential problem for a huge majority of the World's Android users. Thomas Fox-Brewster covered it in detail in his article yesterday, but here in brief is how to prevent the bug being used to access your phone without you even knowing. Stagefright is a core part of [...]
Nearly 75% jump in phishing helped propel DNS abuse in the second quarter of this year.
10 hours ago US Power Grid Vulnerable (July 24, 2015) (SANS Newsbites)
According to analysis of the US power grid compiled by USA Today, the country's power grid experiences more failures than those in other developed countries.......
Pakistan's Ministry of the Interior has issued a notice to the Pakistan Telecommunication Authority (PTA) to order telecommunications companies that serve that country to stop access to BlackBerry Enterprise Services as of December 1, 2015.......
Technically Incorrect: In the latest attempt at fooling the unsuspecting and gullible, three Detroit area teens allegedly talk a MetroPCS store into buying fake iPhones.
Virtual assistants have become commonplace in modern technology, but Microsoft thinks it knows how to push its Cortana a step beyond the rest.
The camera taps eight synchronized shutters and eight microphones to capture 360-video and spatial audio.
6 hours ago The Debate Over Free Community College (Yahoo Security)
While the Obama administration's proposal to make community college free languishes in the Beltway, several states, including Tennessee, are moving ahead with their own plans to make earning an associate's degree as standard as a high-school diploma. This month, Oregon Governor Kate Brown signed into law a program that will offer tuition-free community college to the state's recent high-school graduates.
7 hours ago Banks Suing Target Make New Demands (InfoRiskToday)
Ask Court to Force Release of Details on Breach, Security
U.S. banks and credit unions suing Target for reimbursement of costs associated with its massive 2013 data breach want a court to force the retailer to disclose more details about its breach and security practices.
There used to be a clear line between in-office and out-of-office work. With Voice over Internet Protocol (VoIP) services, though, that line is disappearing. Thanks to evolving IP telephony technology, it's now possible for you and other employees to complete in-office tasks anywhere you go.
7 hours ago How the FCC is Changing VoIP Services Forever (IT Toolbox Blogs)
The Federal Communications Commission (FCC) is a governmental agency tasked with regulating interstate communications in America. It has long been the regulatory agency for TV, radio and even satellite communications, but with the rapid evolution of voice over internet protocol (VoIP) telephone services, the FCC has a new medium to regulate. In fact, recent recommendations and rulings
This is the second of five success factors for moving to hosted VoIP, and my intent here is for SMBs to think more broadly about how new value can be brought to the business. This won't happen if VoIP is a cost reduction move or one that just replicates legacy telephony. The cloud creates new possibilities for leveraging new technologies, and in this regard, VoIP is not the end game -
8 hours ago Vasco posts 2Q profit (Yahoo Security)
The Oakbrook Terrace, Illinois-based company said it had profit of 35 cents per share. Earnings, adjusted for one-time gains and costs, were 40 cents per share. The Internet security company posted revenue ...
8 hours ago Bill Would Mandate Agencies Use Einstein Program (InfoRiskToday)
Measure Aims to Hasten Adoption of Intrusion Prevention System
Could a change to federal law help prevent breaches such as those at the Office of Personnel Management that exposed the private information of more than 22 million individuals? Sen. Ron Johnson thinks so.
8 hours ago Akamai's Q2 earnings fall short (ZDNet)
Akamai saw its security services sales surge, but second quarter earnings missed expectations. Sales were on target.
Researcher Sijmen Ruwhof uncovered several critical security vulnerabilities in PHP File Manager that leave user data unprotected.
8 hours ago Darkode allegedly up and running again (SC Magazine)
Two weeks after an international law enforcement effort shut it down and led to charges, indictments and arrests, reports say online crime forum Darkode is back.
A new poll indicates that Americans want the government to retaliate for cyberattacks that compromise sensitive data.
9 hours ago In a Twist, Fraud Probe Reveals Breach (InfoRiskToday)
Federal Investigation Uncovers Exposure of Patient Data
A breach of patient data on a Web portal was discovered during a lengthy criminal investigation into a multi-million-dollar fraud scheme targeting Healthfirst, a New York-based managed care organization.
As typically portrayed in action movies, breaking into an ostensibly impenetrable safe often requires a world-class lock-picker or, barring that, an array of C4 explosives positioned in just the right orientation. But in the real world, surprisingly enough, defeating the security mechanisms on a top-notch Brinks safe can be done with nothing more than a USB stick and 100 lines of code. At the always entertaining Def Con Hacking Conference set to kick off in Las Vegas next week, researchers Daniel Petro and Oscar Salazar of Bishop Fox will detail how they were able to skirt around the defenses of the Brinks CompuSafe Galileo with relative ease.
Nearly all Android smartphones contain remote code execution vulnerabilities that could be exploited simply by sending the device a maliciously crafted text message.......