Informations about SSL certificates and networks security
Auto Added by WPeMatico
Rowhammer is an attack technique involving accessing — that’s “hammering” — rows of bits in memory, millions of times per second, with the intent of causing bits in neighboring rows to flip. This is a side-channel attack, and the result can be all sorts of mayhem. Well, there is a new enhancement: All previous Rowhammer … Read More “New Rowhammer Technique” »
I received email from two people who told me that Microsoft Edge enabled synching without warning or consent, which means that Microsoft sucked up all of their bookmarks. Of course they can turn synching off, but it’s too late. Has this happened to anyone else, or was this user error of some sort? If this … Read More “Is Microsoft Stealing People’s Bookmarks?” »
The FBI has issued a bulletin describing a bitcoin variant of a wire fraud scam: As the agency describes it, the scammer will contact their victim and somehow convince them that they need to send money, either with promises of love, further riches, or by impersonating an actual institution like a bank or utility company. … Read More “Wire Fraud Scam Upgraded with Bitcoin” »
The other day I was creating a new account on the web. It was financial in nature, which means it gets one of my most secure passwords. I used PasswordSafe to generate this 16-character alphanumeric password: :s^Twd.J;3hzg=Q~ Which was rejected by the site, because it didn’t meet their password security rules. It took me a … Read More “Why I Hate Password Rules” »
For a limited time, I am selling signed copies of Click Here to Kill Everybody and Data and Goliath, both in paperback, for just $6 each plus shipping. I have 500 copies of each book available. When they’re gone, the sale is over and the price will revert to normal. Order here and here. Please … Read More “Book Sale: Click Here to Kill Everybody and Data and Goliath” »
This is part 3 of Sean Gallagher’s advice for “securing your digital life.” Powered by WPeMatico
Images of giant squid (and octopi) attacking. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. It was a “watering hole” attack, which means the malware was hidden in a legitimate website. Users visiting that website would get infected. From an article: Google’s researchers were able to trigger the exploits and study them by visiting the websites compromised … Read More “MacOS Zero-Day Used against Hong Kong Activists” »
ArsTechnica’s Sean Gallagher has a two–part article on “securing your digital life.” It’s pretty good. Powered by WPeMatico
I just don’t think it’s possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. The Sony Playstation 5 is the latest example: Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend, with the hacking group Fail0verflow claiming … Read More “Hacking the Sony Playstation 5” »