October 2017 – Page 3 – SSL and internet security news

White House Chief of Staff John Kelly’s Cell Phone was Tapped

October 9, 2017 infossl

cellphones, eavesdropping, espionage, Security technology

Politico reports that White House Chief of Staff John Kelly’s cell phone was compromised back in December. I know this is news because of who he is, but I hope every major government official of any country assumes that their commercial off-the-shelf cell phone is compromised. Even allies spy on allies; remember the reports that … Read More “White House Chief of Staff John Kelly’s Cell Phone was Tapped” »

Friday Squid Blogging: Baby Ichthyosaurus Fed on Squid

October 6, 2017 infossl

Security technology

New discovery: paper and article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Yet Another Russian Hack of the NSA — This Time with Kaspersky’s Help

October 6, 2017 infossl

cyberattack, cyberespionage, hacking, insiders, kaspersky, leaks, nsa, russia, Security technology

The Wall Street Journal has a bombshell of a story. Yet another NSA contractor took classified documents home with him. Yet another Russian intelligence operation stole copies of those documents. The twist this time is that the Russians identified the documents because the contractor had Kaspersky Labs anti-virus installed on his home computer. This is … Read More “Yet Another Russian Hack of the NSA — This Time with Kaspersky’s Help” »

Replacing Social Security Numbers

October 5, 2017 infossl

doxing, hacking, identification, identitytheft, nationalsecuritypolicy, secrecy, Security technology

In the wake of the Equifax break, I’ve heard calls to replace Social Security numbers. Steve Bellovin explains why this is hard. Powered by WPeMatico

HP Shared ArcSight Source Code with Russians

October 4, 2017 infossl

Security technology

Reuters is reporting that HP Enterprise gave the Russians a copy of the ArcSight source code. The article highlights that ArcSight is used by the Pentagon to protect classified networks, but the security risks are much broader. Any weaknesses the Russians discover could be used against any ArcSight customer. What is HP Enterprise thinking? Near … Read More “HP Shared ArcSight Source Code with Russians” »

E-Mail Tracking

October 3, 2017 infossl

academicpapers, datacollection, email, privacy, Security technology, surveillance, tracking

Interesting survey paper: on the privacy implications of e-mail tracking: Abstract: We show that the simple act of viewing emails contains privacy pitfalls for the unwary. We assembled a corpus of commercial mailing-list emails, and find a network of hundreds of third parties that track email recipients via methods such as embedded pixels. About 30% … Read More “E-Mail Tracking” »

Remote Malware Attacks on ATMs

October 2, 2017 infossl

atms, infrastructure, malware, physicalsecurity, Security technology

This report discusses the new trend of remote malware attacks against ATMs. Powered by WPeMatico