September 2017 – Page 3 – SSL and internet security news

Research on What Motivates ISIS — and Other — Fighters

September 7, 2017 infossl

isis, psychologyofsecurity, Security technology, terrorism

Interesting research from Nature Human Behaviour: “The devoted actor’s will to fight and the spiritual dimension of human conflict“: Abstract: Frontline investigations with fighters against the Islamic State (ISIL or ISIS), combined with multiple online studies, address willingness to fight and die in intergroup conflict. The general focus is on non-utilitarian aspects of human conflict, … Read More “Research on What Motivates ISIS — and Other — Fighters” »

Security Vulnerabilities in AT&T Routers

September 6, 2017 infossl

att, encryption, Security technology, securityengineering, vulnerabilities

They’re actually Arris routers, sold or given away by AT&T. There are several security vulnerabilities, some of them very serious. They can be fixed, but because these are routers it takes some skill. We don’t know how many routers are affected, and estimates range from thousands to 138,000. Among the vulnerabilities are hardcoded credentials, which … Read More “Security Vulnerabilities in AT&T Routers” »

Security Flaw in Estonian National ID Card

September 5, 2017 infossl

estonia, idcards, identification, Security technology, securityengineering

We have no idea how bad this really is: On 30 August, an international team of researchers informed the Estonian Information System Authority (RIA) of a vulnerability potentially affecting the digital use of Estonian ID cards. The possible vulnerability affects a total of almost 750,000 ID-cards issued starting from October 2014, including cards issued to … Read More “Security Flaw in Estonian National ID Card” »

New Techniques in Fake Reviews

September 4, 2017 infossl

academicpapers, crowdsourcing, forgery, fraud, Security technology

Research paper: “Automated Crowdturfing Attacks and Defenses in Online Review Systems.” Abstract: Malicious crowdsourcing forums are gaining traction as sources of spreading misinformation online, but are limited by the costs of hiring and managing human workers. In this paper, we identify a new class of attacks that leverage deep learning language models (Recurrent Neural Networks … Read More “New Techniques in Fake Reviews” »

Friday Squid Blogging: Bioluminescent Squid

September 1, 2017 infossl

Security technology, squid

There’s a beautiful picture of a tiny squid in this New York Times article on bioluminescence — and a dramatic one of a vampire squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by … Read More “Friday Squid Blogging: Bioluminescent Squid” »

Russian Hacking Tools Codenamed WhiteBear Exposed

September 1, 2017 infossl

adobe, computersecurity, cyberespionage, espionage, hacking, malware, phishing, russia, Security technology

Kaspersky Labs exposed a highly sophisticated set of hacking tools from Russia called WhiteBear. From February to September 2016, WhiteBear activity was narrowly focused on embassies and consular operations around the world. All of these early WhiteBear targets were related to embassies and diplomatic/foreign affair organizations. Continued WhiteBear activity later shifted to include defense-related organizations … Read More “Russian Hacking Tools Codenamed WhiteBear Exposed” »