Informations about SSL certificates and networks security
Auto Added by WPeMatico
EFF has the story of malware from the Kazakhstan government against “journalists and political activists critical of Kazakhstan’s authoritarian government, along with their family members, lawyers, and associates.” Powered by WPeMatico
Citizen Lab has a new report on an Iranian government hacking program that targets dissidents. From a Washington Post op-ed by Ron Deibert: Al-Ameer is a net savvy activist, and so when she received a legitimate looking email containing a PowerPoint attachment addressed to her and purporting to detail “Assad Crimes,” she could easily have … Read More “How the Iranian Government Hacks Dissidents” »
Good article. And I was interviews on WGBH on the topic. Powered by WPeMatico
You can order a cocktail made with squid ink soda at Hank’s Oyster Bar in Washington, DC. Powered by WPeMatico
I did an AMA on Reddit a few days ago. My Reddit AMA from 2013. Powered by WPeMatico
Another hijack attack against vehicles, this time trucks and buses. Powered by WPeMatico
I’ve been saying for years that it’s bad security advice, that it encourages poor passwords. Lorrie Cranor, now the FTC’s chief technologist, agrees: By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1”, for instance (excluding the quotation marks) frequently became “tArheels#1” … Read More “Frequent Password Changes Is a Bad Security Idea” »
Most of them are unencrypted, which makes them vulnerable to all sorts of attacks: On Tuesday Bastille’s research team revealed a new set of wireless keyboard attacks they’re calling Keysniffer. The technique, which they’re planning to detail at the Defcon hacker conference in two weeks, allows any hacker with a $12 radio device to intercept … Read More “Security Vulnerabilities in Wireless Keyboards” »
Last week, President Obama issued a policy directive (PPD-41) on cyber-incident response coordination. The FBI is in charge, which is no surprise. Actually, there’s not much surprising in the document. I suppose it’s important to formalize this stuff, but I think it’s what happens now. News article. Brief analysis. The FBI’s perspective. Powered by WPeMatico
NIST is no longer recommending two-factor authentication systems that use SMS, because of their many insecurities. In the latest draft of its Digital Authentication Guideline, there’s the line: [Out of band verification] using SMS is deprecated, and will no longer be allowed in future releases of this guidance. Powered by WPeMatico