Latest News
Video Streaming Feed at Black Hat Hacked
A security expert found a way to catch the talks at Black Hat for free,
thanks to bugs in the video streaming service used by the security
conference. Read the full article. [IDG News Service]
Location-Based Encryption Is A Quantum Reality
A research group led by computer scientists at the UCLA Henry Samueli
School of Engineering and Applied Science has proved that cryptography
-- the practice and study of hiding information -- that is based solely
on physical location is possible by using quantum mechanics. Such a method, the researchers say, allows one to encrypt and decrypt
data at a secure location without pre-sharing any cryptographic keys
that can be used to lock or unlock sensitive information. Read the full article. [Science Daily]
Hackers Increasingly Look For Configuration Errors
Hackers appear to be increasingly counting on configuration problems and programming errors rather than software vulnerabilities in order to steal information from computer systems, according to a new study based on U.S. Secret Service investigations. Read the full article. [IDG News Service]
My vacation photos
Yes, it’s that time of the year again! People from all around the world try to escape the heat and pollution of the big cities and find much more enticing options. Once the vacation is over and we are all back to work, what does everybody do first?Publish photos, of course!
Researcher Reveals Major SSL and Browser Flaws
LAS VEGAS--A security researcher has found a slew of fundamental problems with the way that modern browsers are designed and built, leading to serious questions about the security of these applications and the way that they handle SSL sessions.
It’s Official: DNSSEC Fully Updated
Two years after a major flaw was exposed in the
Internet's Domain Name System (DNS), a major upgrade to the
infrastructure protocol that fixes that weakness is now up and running
in all of the Internet root servers. Read the full article. [Dark Reading]
Hacker Demos Remote Attacks Against ATMs
LAS VEGAS -- Using home-brewed software tools and exploiting a gaping security hole in the authentication mechanism used to update the firmware on automated teller machines (ATMs), a security researcher hacked into ATMs made by Triton and Tranax and planted a rootkit that dispensed cash on demand.
Persistent, Covert Malware Causing Major Damage
LAS VEGAS--Security technology and practice have advanced quite a bit in the past few years, but one thing that has become clear is that whatever gains have been made are just not keeping pace with the innovation of attackers. The advances being made by malware authors and crimeware gangs are keeping them well ahead of the curve and will continue to do so for the foreseeable future, researchers say.
Major Check Counterfeiting Ring Uncovered
A researcher has uncovered a sophisticated check counterfeiting ring
that uses compromised computers to steal and print millions of dollars
worth of bogus invoices and then recruit money mules to cash them. Read the full article. [The Register]
Microsoft Ships Anti-Exploit Tool for IT Admins
LAS VEGAS -- Microsoft today released a new tool to help IT administrators backport anti-exploit mitigations like ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) to older versions of Windows.