Uncategorized Amazon introduces new open-source TLS implementation 27 Aug 20151 Sep 2015 Stephen Schmidt, Amazon's VP of security engineering, said that Amazon, the number one online retailer in the Americas, uses strong encryption not just on its eponymous sales site, but on…
Uncategorized The Onion Router is being cut up and making security pros cry 27 Aug 20151 Sep 2015 IBM is warning corporates to start blocking TOR services from their networks, citing rising use of the encrypted network to deliver payloads like ransomware. The advice comes in the company's…
Uncategorized Busting the Biggest Myth of CISA—That the Program Is Voluntary 21 Aug 20151 Sep 2015 WHEN THE U.S. Senate returns in September, one of its priorities will be to pass so-called “cybersecurity” legislation, namely theCybersecurity Information Sharing Act. The deficiencies in the bill, including its…
Uncategorized Linus Torvalds Talks Linux Security at LinuxCon 20 Aug 20151 Sep 2015 The founder of Linux explains why he's not thinking about the next 10 years of Linux and why security is all about finding bugs. SEATTLE—At the annual LinuxCon event here,…
Uncategorized Ashley Madison hackers follow through on threat, dump user data online 19 Aug 20153 Sep 2015 When one or more as-yet-unknown hackers breached marital infidelity site Ashley Madison last month they threatened to out all the "cheating dirtbags" they could find - unless parent company Avid Life Media…
Uncategorized BitTorrent exploits allow lone hackers to launch large DDoS attacks 19 Aug 20152 Sep 2015 A flaw in BitTorrent clients can be exploited to allow single attackers to harness extra juice in launching DDoS attacks on a vast scale. At the USENIX conference in Washington,…
Uncategorized Linux Core Infrastructure Initiative launches security badge scheme 19 Aug 20151 Sep 2015 The Linux Foundation's Core Infrastructure Initiative (CII) has launched a new security-focused badge program to improve the quality and stability of open-source software security. Open-source software provides the backbone for…
Uncategorized View From The Top: Government’s Role In Cybersecurity 18 Aug 2015 On the two major political aspects that concern him related to attribution for cybercrime, Richard Bejtlich, chief security strategist for FireEye, said: In the incidents at both Sony and the…
Uncategorized 8 Linux Security Improvements In 8 Years – InformationWeek 16 Aug 2015 At a time when faith in open source code has been rocked by an outbreak of attacks based on the Shellshock and Heartbleed vulnerabilities, it's time to revisit what we…
Uncategorized Bypassing Antivirus with Shellter 4.0 on Kali Linux – Darkmatters 15 Aug 2015 Having trouble getting a Meterpreter shell past that pesky AV? Check out the new Shellter 4.0 shell obfuscation program! The latest version of Shellter for pentesters was revealed at B-Sides…
Uncategorized Top 10 security tools in Kali Linux 1.0.6 | Network World 13 Aug 2015 When it comes to forensics, penetration and security testing Kali Linux – which is designed for security professionals and packed with more than 300 security testing tools -- is arguably…
Uncategorized This Hacker’s Tiny Device Unlocks Cars And Opens Garages | WIRED 8 Aug 2015 THE NEXT TIME you press your wireless key fob to unlock your car, if you find that it doesn’t beep until the second try, the issue may not be a…
Uncategorized Black Hat 2015: Salted Hash live blog (Day 1) | CSO Online 6 Aug 2015 LAS VEGAS – Black Hat 2015 is underway, and the corporate side of hacking has taken center stage. There are plenty of hot topics this year, but the mess at…
Uncategorized Black Hat 2015: Attackers use commercial Terracotta VPN to launch attacks | Network World 4 Aug 2015 RSA researchers have discovered a China-based VPN network dubbed Terracotta that is used extensively to launch advanced persistent threat (APT) attacks and that hijacks servers of unsuspecting organizations in order…
Uncategorized Operation Lotus Blossom APT – Elise Malware 4 Aug 2015 Operation Lotus Blossom is one of the more recent APT attacks that has been discovered and analyzed. It is an advanced adversary campaign against the mostly government and state-sponsored entities…
Uncategorized Major flaw could let lone-wolf hacker bring down huge swaths of Internet | Ars Technica 3 Aug 2015 A recently disclosed vulnerability in Bind, the most widely used software for translating human-friendly domain names into IP addresses used by servers, makes it possible for lone-wolf attackers to bring…
Uncategorized Hackers Could Heist Semis by Exploiting This Satellite Flaw | WIRED 1 Aug 2015 REMEMBER THE OPENING scene of the first Fast and Furious film when bandits hijacked a truck to steal its cargo? Or consider the recent real-life theft of $4 million in…
Uncategorized New vulnerability can put Android phones into permanent vegetative state | Ars Technica 31 Jul 2015 Researchers have developed an attack that puts more than 50 percent of Android phones into the digital equivalent of a persistent vegetative state in which they're almost completely unresponsive and are…
Uncategorized New Android Malware Sprouting Like Weeds | Mobile | LinuxInsider 30 Jul 2015 Perhaps the one most effective strategy to minimize the risk of Android malware infection is to avoid discount app stores. "Do not download apps from unknown app stores, except if…
Uncategorized Google has fixed Stagefright problem that left Android users open to attack- The Inquirer 29 Jul 2015 Google has fixed Stagefright problem that left Android users open to attack- The Inquirer.
Uncategorized Hacker Attack Reported on Ashley Madison, a Dating Service 20 Jul 20153 Sep 2015 The company behind Ashley Madison, a popular online dating service marketed to people trying to cheat on their spouses, said on Monday that the site had been breached by hackers…
Uncategorized RC4 NOMORE crypto exploit used to decrypt user cookies in mere hours 20 Jul 20153 Sep 2015 A fresh warning concerning the use of RC4 to support secure communication channels online has been issued after researchers were able to exploit the protocol to decrypt user data in…
Uncategorized DeepIn OS | Linux Security Blogs/Tutorials 14 May 20153 Sep 2015 Deepin (formerly Linux Deepin, Hiweed GNU/Linux) is an Ubuntu-based distribution that aims to provide an elegant, user-friendly and reliable operating system. It does not only include the best the open…