Category: Security technology

Auto Added by WPeMatico

The Science of Interrogation

Posted on By infossl
police, psychologyofsecurity, Security technology, terrorism, torture

Fascinating article about two psychologists who are studying interrogation techniques. Now, two British researchers are quietly revolutionising the study and practice of interrogation. Earlier this year, in a meeting room at the University of Liverpool, I watched a video of the Diola interview alongside Laurence Alison, the university’s chair of forensic psychology, and Emily Alison, … Read More “The Science of Interrogation” »

CSE Releases Malware Analysis Tool

Posted on By infossl
canada, cybersecurity, malware, Security technology

The Communications Security Establishment of Canada — basically, Canada’s version of the NSA — has released a suite of malware analysis tools: Assemblyline is described by CSE as akin to a conveyor belt: files go in, and a handful of small helper applications automatically comb through each one in search of malicious clues. On the … Read More “CSE Releases Malware Analysis Tool” »

Reaper Botnet

Posted on By infossl
botnets, denialofservice, hacking, internetofthings, Security technology

It’s based on the Mirai code, but much more virulent: While Mirai caused widespread outages, it impacted IP cameras and internet routers by simply exploiting their weak or default passwords. The latest botnet threat, known as alternately as IoT Troop or Reaper, has evolved that strategy, using actual software-hacking techniques to break into devices instead. … Read More “Reaper Botnet” »

Denuvo DRM Cracked within a Day of Release

Posted on By infossl
cracking, drm, games, Security technology

Denuvo is probably the best digital-rights management system, used to protect computer games. It’s regularly cracked within a day. If Denuvo can no longer provide even a single full day of protection from cracks, though, that protection is going to look a lot less valuable to publishers. But that doesn’t mean Denuvo will stay effectively … Read More “Denuvo DRM Cracked within a Day of Release” »

IoT Cybersecurity: What’s Plan B?

Posted on By infossl
cybersecurity, internetofthings, nationalsecuritypolicy, Security technology

In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece of legislation. It doesn’t regulate the IoT market. It doesn’t single out any industries for particular attention, or force any companies to do anything. It doesn’t even modify … Read More “IoT Cybersecurity: What’s Plan B?” »

Security Flaw in Infineon Smart Cards and TPMs

Posted on By infossl
cryptanalysis, cryptography, estonia, idcards, Security technology, securityengineering, smartcards, vulnerabilities

A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes creates public keys that are vulnerable to Coppersmith’s attack: While all keys generated with the library are much weaker than they should be, it’s not currently practical to factorize … Read More “Security Flaw in Infineon Smart Cards and TPMs” »

New KRACK Attack Against Wi-Fi Encryption

Posted on By infossl
Security technology

Mathy Vanhoef has just published a devastating attack against WPA2, the 14-year-old encryption protocol used by pretty much all wi-fi systems. Its an interesting attack, where the attacker forces the protocol to reuse a key. The authors call this attack KRACK, for Key Reinstallation Attacks This is yet another of a series of marketed attacks; … Read More “New KRACK Attack Against Wi-Fi Encryption” »