Informations about SSL certificates and networks security
Auto Added by WPeMatico
Uber was hacked, losing data on 57 million driver and rider accounts. The company kept it quiet for over a year. The details are particularly damning: The two hackers stole data about the company’s riders and drivers – including phone numbers, email addresses and names — from a third-party server and then approached Uber and … Read More “Uber Data Hack” »
Falsely labeled squid snacks were seized in Cambodia. I don’t know what food product it really was. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Mozilla reviews the privacy practices of Internet-connected toys, home accessories, exercise equipment, and more. Powered by WPeMatico
The security researchers at Princeton are postingthe results of some very interesting research into web surveillance: You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use “session replay” scripts. These scripts record your keystrokes, mouse movements, and … Read More “Websites Use Session-Replay Scripts to Eavesdrop on Every Keystroke and Mouse Movement” »
Amazon has a cloud for US classified data. The physical and computer requirements for handling classified information are considerable, both in terms of technology and procedure. I am surprised that a company with no experience dealing with classified data was able to do it. Powered by WPeMatico
Amazon Key is an IoT door lock that can enable one-time access codes for delivery people. To further secure that system, Amazon sells Cloud Cam, a camera that watches the door to ensure that delivery people don’t abuse their one-time access privilege. Cloud Cam has been hacked: But now security researchers have demonstrated that with … Read More “Vulnerability in Amazon Key” »
Peru and Chile have a new plan. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
The White House has released a new version of the Vulnerabilities Equities Process (VEP). This is the inter-agency process by which the US government decides whether to inform the software vendor of a vulnerability it finds, or keep it secret and use it to eavesdrop on or attack other systems. You can read the new … Read More “New White House Announcement on the Vulnerability Equities Process” »
This digital security guide by Motherboard is very good. I put alongside EFF’s “Surveillance Self-Defense” and John Scott-Railton’s “Digital Security Low Hanging Fruit.” There’s also “Digital Security and Privacy for Human Rights Defenders.” There are too many of these…. Powered by WPeMatico
It only took a week: On Friday, Vietnamese security firm Bkav released a blog post and video showing that — by all appearances — they’d cracked FaceID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking. The article points out that the … Read More “Apple FaceID Hacked” »