Attack of the week: FREAK (or ‘factoring the NSA for fun and profit’)
This article reprinted with permission from Matthew Green @ http://blog.cryptographyengineering.com/ Cryptography used to be considered ‘munitions’. This is the story of how a handful of cryptographers ‘hacked’ the NSA. It’s also a story of encryption backdoors, and why they never quite…
Smart TVs Record Your Casual Conversation.
Televisions that offer voice commands are the hottest new thing on the market. If you have Samsung unit you should read the fine print. The fine print for Samsungs Smart TV voice recognition system says that it will not only…
DHS Releases Destover Wiper Malware Indicators of Compromise
US-CERT released a not-so-cryptic advisory this weekend providing enterprises with indicators of compromise and detailed descriptions of the malware used against “a major entertainment company.” Also stated, “Due to the highly destructive functionality of this malware, an organization infected could…
IT Turnover, Up or Out
So I read this article about IT turnover and many of the items struck a cord with me. I had witnessed it first hand, and even endured it myself on several occasions, with several different employers. Until I found what…
Target has been Targeted…
Update: As is now appears, 40 million accounts have been compromised. The Secret Service is investigating a possible data breach around the time of Black Friday that involves Target stores. It appears that the breach mainly targeted customers that actually…
NSA infiltrating World of Warcraft, Second Life and other MMO’s
It was recently released that the NSA has infiltrated popular MMO’s, such as World of Warcraft, Second Life, and others in an attempt to catch terrorists. Secret briefings from 2007 and 2008 show agents expressing great enthusiasm for video games…
Social Media Hacked Again…
Once again I find myself hashing out the same information about social media sites being hacked and user accounts being released into the wild. This time 2 million accounts are compromised and their details are posted online. The list breaks…
D-Link Routers (Firmware Update)
In October a security researcher discovered a backdoor vulnerability with certain D-Link routers. This vulnerability (CVE-2013-6027) [setting the browsers user agent string to “xmlset_roodkcable0j28840ybtide”] allows cyber criminals to alter a router setting without having a username or password. D-Link has…
What is Python?
I have gotten this a few times lately — Isn’t python a scripting language -or- Python isn’t a programming language it is a scripting language. I will try to make this as short and to the point as possible, and…
Careful what you click…
Over 10,000 people have been hit by Cryptolocker in the last week. To refresh your memory, CryptoLocker is a Trojan that encrypts documents on victims’ computers and holds them ransom for $300. If you don’t cough up the money, CryptoLocker…