Category: Security technology

Auto Added by WPeMatico

Chip Cards Fail to Reduce Credit Card Fraud in the US

Posted on By infossl
chipandpin, credentials, creditcards, fraud, pointofsale, Security technology

A new study finds that credit card fraud has not declined since the introduction of chip cards in the US. The majority of stolen card information comes from hacked point-of-sale terminals. The reasons seem to be twofold. One, the US uses chip-and-signature instead of chip-and-PIN, obviating the most critical security benefit of the chip. And … Read More “Chip Cards Fail to Reduce Credit Card Fraud in the US” »

More Spectre/Meltdown-Like Attacks

Posted on By infossl
hacking, hardware, intel, Security technology, vulnerabilities

Back in January, we learned about a class of vulnerabilities against microprocessors that leverages various performance and efficiency shortcuts for attack. I wrote that the first two attacks would be just the start: It shouldn’t be surprising that microprocessor designers have been building insecure hardware for 20 years. What’s surprising is that it took 20 … Read More “More Spectre/Meltdown-Like Attacks” »

New IoT Security Regulations

Posted on By infossl
essays, internetofthings, nationalsecuritypolicy, Security technology, securityengineering

Due to ever-evolving technological advances, manufacturers are connecting consumer goods­ — from toys to light bulbs to major appliances­ — to the Internet at breakneck speeds. This is the Internet of Things, and it’s a security nightmare. The Internet of Things fuses products with communications technology to make daily life more effortless. Think Amazon’s Alexa, … Read More “New IoT Security Regulations” »

The Pentagon is Publishing Foreign Nation-State Malware

Posted on By infossl
Security technology

This is a new thing: The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that’s used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape. This feels like an example of the US’s … Read More “The Pentagon is Publishing Foreign Nation-State Malware” »

Privacy and Security of Data at Universities

Posted on By infossl
academicpapers, datacollection, privacy, Security technology

Interesting paper: “Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier,” by Christine Borgman: Abstract: As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challenges in stewarding those data in ways that balance accountability, transparency, and protection of privacy, academic freedom, and intellectual property. Two parallel … Read More “Privacy and Security of Data at Universities” »

Consumer Reports Reviews Wireless Home-Security Cameras

Posted on By infossl
cameras, internetofthings, Security technology, securityengineering, vulnerabilities

Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it’s reviewing wireless home-security cameras. It found significant security vulnerabilities in D-Link cameras: In contrast, D-Link doesn’t store video from the DCS-2630L in the cloud. Instead, the camera has its own, onboard web server, which can deliver video to the … Read More “Consumer Reports Reviews Wireless Home-Security Cameras” »

Security of Solid-State-Drive Encryption

Posted on By infossl
academicpapers, encryption, firmware, hardware, reverseengineering, Security technology, securityengineering, vulnerabilities

Interesting research: “Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)“: Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have … Read More “Security of Solid-State-Drive Encryption” »