Kategorie

A high schooler poking around in Flickr found a critical flaw

The webcam swivelled around on its own and began to speak

Takřka před rokem oznámil Microsoft, že společnost AgileBits, tvůrci 1Password, chystají oficiální rozšíření pro internetový prohlížeč Edge v operačním systému Windows 10. Rok se s rokem sešel a rozšíření 1Password je konečně tu. Vývojáři předevčírem vypustili rozšíření do obchodu ...

Another day, Another data breach disclosure. This time the popular commenting system has fallen victim to a massive security breach. Disqus, the company which provides a web-based comment plugin for websites and blogs, has admitted that it was breached 5 years ago in July 2012 and hackers stole details of more than 17.5 million users. The stolen data includes email addresses, usernames,

During the Virus Bulletin closing keynote, Brian Honan urged the security industry to share more, victim-shame less and work harder to establish trust.

It sounded like the wake-up call to end all wake-up calls.

Once there was identity access management (IAM). It did a pretty decent job of managing our workforce access to corporate resources. Then, things changed. The Internet took off, workers started to work remotely and wanted to use their own laptops and mobile devices to check emails, etc. (BYOD).The IAM systems of old started to creak […]

The post The Challenges of Designing and Building a CIAM System appeared first on InfoSec Resources.

The Challenges of Designing and Building a CIAM System was first posted on October 6, 2017 at 9:31 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The Péter Szőr award recognises the best piece of technical security research published each year

Do you know—United States Government has banned federal agencies from using Kaspersky antivirus software over spying fear? Though there's no solid evidence yet available, an article published by WSJ claims that the Russian state-sponsored hackers stole highly classified NSA documents from a contractor in 2015 with the help of a security program made by Russia-based security firm Kaspersky Lab

This is the 2nd part of the Bluetooth hacking blog. I hope you have gone through the 1st part. If not, please go through it. Let’s start. Short Primer on CSR – In this section, we will be learning a bit about CSR and its interaction with the bulb so you get an idea how […]

The post IoT: Hacking a Smart Bulb with Bluetooth – Advanced appeared first on InfoSec Resources.

IoT: Hacking a Smart Bulb with Bluetooth – Advanced was first posted on October 6, 2017 at 7:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

In the last part of this article series, we have seen the structure of PDF document and all the essential keywords which can be used by analysts to carry investigations and are also used by various tools to depict the nature of the document being analyzed. Below is a refresher of important keyword concerning PDF […]

The post Analysis of Malicious Document 4 appeared first on InfoSec Resources.

Analysis of Malicious Document 4 was first posted on October 6, 2017 at 7:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Description: Dr. Sameer Hinduja and Dr. Justin Patchin at the Cyberbullying Research Center define cyberbullying as “willful and continuous harm done using any electronic devices such as a computer, cell phone, etc.” and it is especially popular among teenagers. Cyberstalking and cyber-harassment are forms of cyberbullying perpetrated mostly by adults. The professor of children’s mental […]

The post Cyber – Bullying Threats, Prevention, and Solutions appeared first on InfoSec Resources.

Cyber – Bullying Threats, Prevention, and Solutions was first posted on October 6, 2017 at 7:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

If you are an iPhone user and use Uber app, you would be surprised to know that widely popular ride-hailing app can record your screen secretly. Security researcher Will Strafach recently revealed that Apple selectively grants (what's known as an "entitlement") Uber a powerful ability to use the newly introduced screen-recording API with intent to improve the performance of the Uber app on

You can't hide behind your beard, even on the dark web

Jedním z nejobávanějších virů současnosti je trojský kůň Chromex. Několik posledních měsíců se totiž pravidelně umísťoval na předních příčkách žebříčku nejrozšířenějších škodlivých kódů, v září mu dokonce kraloval – může za každý 13. útok v Česku. Vyplývá to z pravidelné statistiky antivirové společnosti Eset.

It's time to give Android's Media Framework some TLC

LinuxSecurity.com: Is encryption a threat to law and order, or an essential tool for staying secure online? Two events this week show how much disagreement there still is about it.

LinuxSecurity.com: Google researchers disclosed seven serious flaws in an open-source DNS software package Dnsmasq, which is is commonly preinstalled on routers, servers, smartphones, IoT devices and operating systems such the Linux distributions Ubuntu and Debian. The most severe of the vulnerabilities could be remotely exploited to run malicious code and hijack the device.

LinuxSecurity.com: Yet another W3C API can be turned against the user, privacy boffin Lukasz Olejnik has warned - this time, it's in how browsers store and check credit card data.

LinuxSecurity.com: Windows has long been the world's biggest malware draw, exploited for decades by attackers. It continues today: The Carbon Black security firm analyzed 1,000 ransomware samples over the last six months and found that nearly 99% of them targeted Windows.