Informations about SSL certificates and networks security
Lance Vick suggesting that students hack their schools’ surveillance systems. “This is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine,” he said. Of course, there are a lot more laws in place against this sort of thing than there were in — say — … Read More “Hacking School Surveillance Systems” »
Euprymna brenneri was discovered in the waters of Okinawa. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid … Read More “Chinese Hackers Bypassing Two-Factor Authentication” »
The smartphone messaging app ToTok is actually an Emirati spying tool: But the service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers. It is used by the government of the United Arab Emirates to try … Read More “ToTok Is an Emirati Spying Tool” »
Yet another squid acronym. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
DTEN makes smart screens and whiteboards for videoconferencing systems. Forescout found that their security is terrible: In total, our researchers discovered five vulnerabilities of four different kinds: Data exposure: PDF files of shared whiteboards (e.g. meeting notes) and other sensitive files (e.g., OTA — over-the-air updates) were stored in a publicly accessible AWS S3 bucket … Read More “Lousy IoT Security” »
This isn’t a first, but I think it will be the first conviction: The GIF set off a highly unusual court battle that is expected to equip those in similar circumstances with a new tool for battling threatening trolls and cyberbullies. On Monday, the man who sent Eichenwald the moving image, John Rayne Rivello, was … Read More “Attacker Causes Epileptic Seizure over the Internet” »
New details: At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company’s threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. Microsoft has watched the group … Read More “Iranian Attacks on Industrial Control Systems” »
Interesting research: SRLabs founder Karsten Nohl, a researcher with a track record of exposing security flaws in telephony systems, argues that RCS is in many ways no better than SS7, the decades-old phone system carriers still used for calling and texting, which has long been known to be vulnerable to interception and spoofing attacks. While … Read More “Security Vulnerabilities in the RCS Texting Protocol” »
Interesting stuff. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico