US suspends background checks system after flaw found
An entire US department program is to be suspended in order to fix vulnerabilities discovered during a security audit.
Archives - June 2015
Dino – the latest spying malware from an allegedly French espionage group analyzed
In this blog we describe a sophisticated backdoor, called Dino by its creators. We believe this malicious software has been developed by the Animal Farm espionage group, who also created the infamous Casper, Bunny and Babar malware.
Strengthening the different layers of IT networks
Getting started on designing a network is a task of formidable proportions, but all the more so if you are looking to build a secure network.
ICANN policy changes trigger privacy concerns
Internet name authority ICANN has unsettled privacy advocates after a new working group document flagged changes to the way domain proxy services can operate.
Cisco warns of default SSH key in several products
Cisco security engineers have disclosed that there is a single default ‘maintenance’ SSH key hardcoded into several families of Cisco security appliances.
Phone Scams: Increasing Numbers, Wider Scope
There's a lot more to phone scams than tech support, giving rise to an escalating number of complaints. Here's what two recent reports tell us.
4 tips for recovering from an attack
Recent high-profile data breaches have illustrated criminals’ insatiable appetite for data and financial reward. Here's some information on what to do after an attack.
New iPhone update blocks apps from seeing other apps you’ve installed
Apple will reportedly introduce a new privacy update for the iPhone that will prevent installed iOS apps from seeing which other apps have been downloaded to the device.
Spiceworks application vulnerability disclosed
A serious flaw has been discovered in the Spiceworks application, which creates an admin account for anyone logging in using their Facebook or LinkedIn details.
Critical vulnerabilities in Windows and Adobe Reader exposed by hacker
A hacker has published an extensive list of Adobe Reader and Windows vulnerabilities based on his research into a relatively obscure area of font management.
How to steal PGP encryption keys (using radio waves and pita bread)
An ingenious team of Israeli security researchers at Tel Aviv University have discovered a way to steal secret encryption keys using a gadget so small it can be hidden inside some pita bread.
The role of proxies and protocols in malware investigations
What is a proxy and what types of proxies exist? What protocol are used in the anonymization process? How does anonymity help with malware investigations?
Minor Chrome release fixes serious bugs
Google has updated the Chrome browser to version 43.0.2357.130 for Windows, Mac, and Linux.
Polish airline LOT grounded by ‘first attack of its kind’
Hackers are being blamed for an attack which grounded 1,400 passengers set to fly on Polish airline LOT.
LinkedIn to stick with invite‑only bug bounty program
LinkedIn will continue a bug bounty program that pays out to a closed group of security researchers, claiming that an invite-only approach reduces the number of irrelevant reports.
Reddit goes HTTPS, joins Wikipedia at security table
Popular meme site Reddit has announced that it will soon encrypt all traffic with HTTPS by default.
Cyber Boot Camp: a head start for tomorrow’s cyber workforce
Every June, a select group of students from high schools and middle schools in San Diego County, California, get five days of intense education in the art of defending computer systems.
Apple iOS and OS X flaws leave passwords vulnerable
A vulnerability found in Apple's iOS and OS X devices could allow hackers to upload malware and steal passwords for services including Mail and iCloud
Must‑know security tips for non‑technical fathers
Few people’s idea of a relaxing Father's Day involves getting to grips with IT security, but scammers typically target the holidays to catch out consumers.
DuckDuckGo traffic up after Apple integration and privacy issues
Privacy search engine DuckDuckGo has seen traffic rocket after recent widely publicized privacy scares, according to the company.