Informations about SSL certificates and networks security
Auto Added by WPeMatico
WikiLeaks is still dumping CIA cyberweapons on the Internet. Its latest dump is something called “Pandemic”: The Pandemic leak does not explain what the CIA’s initial infection vector is, but does describe it as a persistent implant. “As the name suggests, a single computer on a local network with shared drives that is infected with … Read More “CIA’s Pandemic Toolkit” »
There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities. First, there are the writers of the malicious software, which blocks victims’ access to their computers until they pay a fee. Then there are the users who … Read More “WannaCry and Vulnerabilities” »
In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of NSA secrets. Since last summer, they’ve been dumping these secrets on the Internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands … Read More “Who Are the Shadow Brokers?” »
It was easy: The hackers took a medium range photo of their subject with a digital camera’s night mode, and printed the infrared image. Then, presumably to give the image some depth, the hackers placed a contact lens on top of the printed picture. Powered by WPeMatico
There’s interesting research on using a set of “master” digital fingerprints to fool biometric readers. The work is theoretical at the moment, but they might be able to open about two-thirds of iPhones with these master prints. Definitely something to keep watching. Research paper (behind a paywall). Powered by WPeMatico
Criminals go where the money is, and cybercriminals are no exception. And right now, the money is in ransomware. It’s a simple scam. Encrypt the victim’s hard drive, then extract a fee to decrypt it. The scammers can’t charge too much, because they want the victim to pay rather than give up on the data. … Read More “WannaCry Ransomware” »
Turns out, multi-million dollar yachts are no more secure than anything else out there: The ease with which ocean-going oligarchs or other billionaires can be hijacked on the high seas was revealed at a superyacht conference held in a private members club in central London this week. […] Murray, a cybercrime expert at BlackBerry, was … Read More “Yacht Security” »
I’ve previously written about the serious vulnerabilities in the SS7 phone routing system. Basically, the system doesn’t authenticate messages. Now, criminals are using it to hack smartphone-based two-factor authentication systems: In short, the issue with SS7 is that the network believes whatever you tell it. SS7 is especially used for data-roaming: when a phone user … Read More “Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems” »
This is a good summary article about the horrible security of St. Jude pacemakers, and the history of the company not doing anything about it. Powered by WPeMatico
There’s something going on inside the intelligence communities in at least two countries, and we have no idea what it is. Consider these three data points. One: someone, probably a country’s intelligence organization, is dumping massive amounts of cyberattack tools belonging to the NSA onto the Internet. Two: someone else, or maybe the same someone, … Read More “Who is Publishing NSA and CIA Secrets, and Why?” »