I love the Russians. I know, strange to hear that from an American in modern day with a new “cold war” (seemingly) beginning to gain steam. Let’s say, I respect them. Their hackers in particular. Their response to a cyberattack is to launch a full-on offensive attack against the attacker, quite a different response from […]
Posts Tagged ‘security’
Before discoursing the lengthy analysis of the Dark Web honeypot (the pedophile honeypot in particular), let’s answer the question that is surely on everyone’s mind – did the honeypot allow me to reveal the true identity of the person visiting the site?
That China filters their Internet traffic is no secret – their societal system (many believe) requires that information be filtered. What is more interesting, are the *words* that are filtered. Several research groups have studied China’s walled-off Internet infrastructure (via search engine results, reverse engineered software and hardware products, leaked router or firewall settings, etc.) […]
JPMorgan Chase security breach not what you think – military attack against key financial institutions turns over keys to the kingdom
Although I’m disappointed that JPMorgan Chase delayed the disclosure of the breach that touched more than 83 million U.S. households (they knew about it at least four months ago), I’m even more upset at what they disclosed – that key customer financial data was not stolen. JPMorgan may tout the expertise of their security team […]
Shellshock (Bash bug) vulnerability – critical security vulnerability discovered in Bash (Bourne-Again Shell)
If your Linux/Unix (or Apple Mac OS X) applications are running with root permissions and call on the shell, this vulnerability (called “Bash Bug” or “$hellshock”) is huge as it allows an attacker to remotely execute shell commands by attaching malicious code into environment variables used by the OS. The flaw is present in GNU […]
If you are suspicious of Tor, tired of the laggy connection, or simply want a more stable means to ensure your connection is encrypted and secure, you can easily create a VPN connection through a VPN connection which ensures anonymity and hard-core encryption of your network stream (with kill switches to protect your identity if […]
The UK government has said it wants to hand out life sentences to anyone found guilty of a cyberattack that results in loss of life, serious illness, serious injury, or serious damage to national security (or a “significant risk thereof”. The plan, which frighteningly, is broadly written, is proposed as an update to Britain’s Computer […]
The OpenSSL encryption flaw, known as the Heartbleed bug, is being called one of the biggest security flaws ever seen on the Internet. One security analyst called it “catastrophic” and said that on a scale of 1 to 10, the vulnerability was an 11. The newly discovered vulnerability isn’t “big news” because of its complexity, […]
Kaspersky Labs recently launched this beautiful interactive global map that shows online threats around the world as they happen. Data used to drive the map comes from Kaspersky’s malware monitoring software. The different colored lines represent various attack vectors that are being detected through their software. For instance, pink lines represent an IDS scan while […]
A Houston, Texas family was stunned this week when they entered their baby daughter’s room and heard the webcam, which they use to monitor the baby, taunting the small girl with insults and profanity. The couple said they walked in and heard the baby monitor say “Wake up Allyson, you little slut.” The couple say […]
For the first time in the 21-year-old history of the famed hacker’s convention, government employees are being asked to stay away from the DEFCON event. Def Con has always catered to hackers, researchers and others interested in security research and employees from the CIA, FBI, and NSA have always been welcome and in fact, regularly […]
Whoops. IRS accidentally uploads tens of thousands of private social security numbers in public database
PublicResource.org, an organization that specializes in publishing government archive, had to make an embarrassing call to the IRS this week. Apparently the IRS IT department does not have a filter installed to monitor for errant data uploads which allowed a regularly-refreshed IRS database report of the nonprofit industry to be uploaded with a smattering of […]
Steampunk rears its ugly head again. An Oakland artist and teacher was arrested at Oakland International Airport for wearing a suspicious watch. Geoffrey McGann, 49, was arrested at 7:45 PM on Thursday after airport security found him wearing a watch with wires, toggle switch, and fuses protruding from it. Airport security thought the watch looked […]
Department of Homeland Security to form “CyberReserve” volunteer cybersecurity army made of civilian hackers?
According to sources, the Department of Homeland Security was advised last week, to create a “cyber skills task force” that would act as a reserve army of cyber specialists in order to mold top-notch cybersecurity talent to address U.S. cybersecurity emergencies. Called the “CyberReserve” and similar to the National Guard program, CyberReserve would ensure professional […]
No sooner had Firefox hit the download site, it was being pulled because of a security flaw. Firefox 16 is currently offline as Mozilla fixes a bug that would allow malicious sites to access the browser’s history.
Researchers at the University of California San Diego have monitored a botnet that they believe scanned the entire IPv4 address space, possibly in less than two weeks. Using a network block called the UCSD Network Telescope, also known as the UCSD darknet, researchers noticed the illicit activity in February 2011.