Category: Uncategorized

Auto Added by WPeMatico

Vulnerability in the Kaspersky Password Manager

Posted on By infossl
Password Safe, passwords, random numbers, Security technology, Uncategorized, vulnerabilities

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time. … Read More “Vulnerability in the Kaspersky Password Manager” »

More Russian Hacking

Posted on By infossl
cybersecurity, hacking, malware, microsoft, russia, Security technology, Uncategorized

Two reports this week. The first is from Microsoft, which wrote: As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in … Read More “More Russian Hacking” »

Insurance and Ransomware

Posted on By infossl
academic papers, cybercrime, cybersecurity, insurance, mitigation, ransomware, reports, Security technology, Uncategorized

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. However, the most pressing challenge currently facing the industry is ransomware. Although it is a societal problem, cyber insurers … Read More “Insurance and Ransomware” »

Risks of Evidentiary Software

Posted on By infossl
courts, cybersecurity, false positives, forensics, Security technology, Uncategorized, vulnerabilities

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it. The software engineers proposed a three-part … Read More “Risks of Evidentiary Software” »

NFC Flaws in POS Devices and ATMs

Posted on By infossl
atms, point of sale, Security technology, Uncategorized, vulnerabilities

It’s a series of vulnerabilities: Josep Rodriguez, a researcher and consultant at security firm IOActive, has spent the last year digging up and reporting vulnerabilities in the so-called near-field communications reader chips used in millions of ATMs and point-of-sale systems worldwide. NFC systems are what let you wave a credit card over a reader — … Read More “NFC Flaws in POS Devices and ATMs” »

AI-Piloted Fighter Jets

Posted on By infossl
artificial intelligence, china, cyberwar, cyberweapons, Security technology, Uncategorized

News from Georgetown’s Center for Security and Emerging Technology: China Claims Its AI Can Beat Human Pilots in Battle: Chinese state media reported that an AI system had successfully defeated human pilots during simulated dogfights. According to the Global Times report, the system had shot down several PLA pilots during a handful of virtual exercises … Read More “AI-Piloted Fighter Jets” »

Banning Surveillance-Based Advertising

Posted on By infossl
marketing, privacy, reports, Security technology, surveillance, Uncategorized

The Norwegian Consumer Council just published a fantastic new report: “Time to Ban Surveillance-Based Advertising.” From the Introduction: The challenges caused and entrenched by surveillance-based advertising include, but are not limited to: privacy and data protection infringements opaque business models manipulation and discrimination at scale fraud and other criminal activity serious security risks In the … Read More “Banning Surveillance-Based Advertising” »