The Security Daily

Technology

Flaws in Samsung’s ‘Smart’ Home Let Hackers Unlock Doors and Set Off Fire Alarms

wired.com - A smoke detector that sends you a text alert when your house is on fire seems like a good idea. An internet-connected door lock with a PIN that can be programmed from your smartphone sounds conveni...

Qatar bank says some leaked customer data may be accurate

bigstory.ap.org - DUBAI, United Arab Emirates (AP) — Qatar's largest bank acknowledged Sunday that some personal customer data that was leaked online may be authentic, and said it has hired an outside expert to revi...

DuckDuckGo Blog : Our 2016 Open Source Donations

duck.co - Thank you all for the nominations for our 2016 open source donations program. As usual, there was a wide variety of projects that could benefit from additional funding and fit the theme of raising ...

The Best All in One Record Players -

Shared by aka ✯ phil

blog.vinylmeplease.com - Written by Vinyl Me, Please on May 3, 2016 / Gear Reviews, Uncategorized I’ve written about turntables and record players many times, and I’ve enthusiastically recommended different setups and ster...

The Sacred Knowledge of Securing JavaScript | Cigital

Shared by owasp

cigital.com - JavaScript is gaining more and more popularity not just on the front-end, but also on the back-end, with new frameworks coming out almost every month. On the client-side, we are watching an overwhe...

The Hacking Team Defectors

Shared by Guido Landi

motherboard.vice.com - I am sitting in a nondescript all-white office room in Sliema, a touristy, commercial town that faces Malta’s capital of Valletta. I’m staring at my computer, typing commands into the terminal, and...

CRN Exclusive: Sophos Sees 'Tremendous' Synchronized Security Growth, Launches New Tools

Shared by Sophos

crn.com - Since officially laying out its synchronized security vision in the fall, Sophos has been seeing "tremendous" traction with its partners and is launching new tools to help partners accelerate that ...

Der Code des Bösen

Shared by Ralph Dombach

welt.de - An einem düsteren Novembernachmittag, nach Wochen der Suche, gerät Christian Rossow durch einen Zufall ins Getriebe der Weltpolitik. Er sitzt in einem Büro, das gerade groß genug ist für zwei Schre...

Can investigators reverse engineer insider threats? -- FCW

Shared by Scuttlebutt

fcw.com - A top official at the background check agency created after the Office of Personnel Management hack wants to use analytics to reverse engineer insider threats. James Onusko, transition director at ...

10 Cybersecurity Steps Your Small Business Should Take Right Now

Shared by GFI Software

pcmag.com - National Small Business Week is underway, and the festivities didn't take long to address one of the most glaring and ever-present issues for small to midsize businesses (SMBs): cybersecurity. The ...

Registration for 2016 ICS Cyber Security Conference Now Open

securityweek.com - Largest and Longest Running ICS Cyber Security Conference Opens Registration for 2016 Event Online registration for SecurityWeek's 2016 Industrial Control Systems (ICS) Cyber Security Conference, t...

Uncovering the Truth About 5 Cloud Adoption Challenges

comparethecloud.net - There’s no denying the fact that cloud adoption is on the rise. For proof, look no further than Cloud Sherpas’ 2015 Enterprise Cloud Report, which found that 82% of enterprises identify cloud techn...

Proper network segments may prevent the next breach

Shared by Andrew Hay

searchsecurity.techtarget.com - In late December, three Ukrainian energy companies -- known as oblenergos -- had their operations disrupted, causing a loss of power to 225,000 customers. While the attack started -- as so many do ...

SmartThings Flaws Expose Smart Homes to Hacker Attacks

securityweek.com - A team of researchers from the University of Michigan and Microsoft conducted an analysis of a smart home platform from Samsung-owned SmartThings and discovered vulnerabilities that could be exploi...

Four Cloud Computing Myths That Need To Die - CTOvision.com

ctovision.com - After all these years, cloud computing is still a victim of myths that are largely untrue, and are often obviously untrue. Cloud computing, and public cloud platforms specifically, have been around...

Michigan Power and Water Utility Hit by Ransomware Attack

Shared by Kimberly

securityweek.com - Lansing Board of Water & Light Hit By Ransomware Attack The Board of Water and Light (BWL) in Lansing, Michigan, was struck by ransomware on Monday, April 25. Only the corporate network was affecte...

Michigan is considering criminalizing vehicle hacking, which is a bad idea

Shared by Evident.io

theverge.com - Hacking into a vehicle's electronic system or exploiting its internal bugs would be punishable for some offenders by life in prison under legislation recently introduced in the Michigan Senate, acc...

Why Is Data Encryption Necessary even in Private Networks?

Shared by Ian

teskalabs.com - WhatsApp recently announced that they turned on end-to-end encryption for their messaging app, estimated to be used by 1 billion users. In this case, end-to-end encryption secures communication bet...

ICS Security Training (Houston, TX)

sans.org - SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both se...

Securing the SDLC

Shared by Veracode

thatsjet.com - I had the opportunity to speak last week at my local ISSA chapter on the topic of Securing the Software Development Lifecycle. Given the interest it generated among the attendees I realized that th...

The Current State of Healthcare Endpoint Security

Shared by Ryan Naraine

duo.com - Securing endpoints in the healthcare industry can be challenging. Large hospital systems often have thousands of workstations used by many different employees, in addition to personal and work-issu...

The best cyberdefence: Think like an attacker | ZDNet

zdnet.com - It's a game of cat and mouse; in the ongoing battle between cyber criminals and cybersecurity professionals, it can sometimes be difficult to know what tactics attackers will employ next. Cyberatta...

WhatsApp blocked by judge for failing to hand over data

nakedsecurity.sophos.com - The government vs. encryption war is escalating in Brazil: it’s donned its boxing gloves and punched out WhatsApp. The same Brazilian judge who threw Facebook Vice President Diego Dzodan in jail fo...

Parameter tampering flaw allowed Pwnedlist to get pwned

Shared by bhconsulting

scmagazineuk.com - Pwnedlist - which provided data on billions of pwned credentials - contained a flaw that allowed users to monitor breaches for arbitrary domains. Pwnedlist, a website that maintains a list of other...

Social Engineering Probably Led to MedStar Security Breach - Ipswitch Blog

ipswitch.com - All the warning signs have been pointing to a rise in security breaches within the healthcare industry. Just yesterday, MedStar Health based in Washington D.C. fell victim to an alleged ransomware ...

Armada Collective DDoS threats were fake, but still scored thousands of dollars

Shared by Radware

yahoo.com - A group of would-be cybercriminals sent empty DDoS attack threats to several sites and online services demanding ransoms to the tune of thousands of dollars. The group claimed to be the shadowy hac...

A View On The Cloud Dream In China from Compare the Cloud - DigitalCentre2020

comparethecloud.net - Guest blog: Daniel Thomas,  Director at Compare The Cloud Twitter: Compare the Cloud LinkedIn: Daniel Thomas Original article posted on Compare the Cloud: Crouching OEM Tiger, Hidden Cloud Dragon T...

¿Hackers en Colombia?

dragonjar.org - Enviado por Colaborador en Ago 10, 2011 | 66 Comentarios Si, los hay y muy buenos. Pero primero tengo que partir desde la definición de Hacker para poder acertar en mi afirmación. Esta entrada fue ...

Adobe Announces Agreement to Acquire Livefyre

Shared by CNET

businesswire.com - SAN JOSE, Calif.--(BUSINESS WIRE)--Adobe (Nasdaq:ADBE) today announced it has entered into a definitive agreement to acquire privately held Livefyre, a content curation and audience engagement comp...

Linux Foundation Badge Program to Boost Open Source Security

Shared by BrianHonan

threatpost.com - The Linux Foundation says a new Core Infrastructure Initiative (CII) Best Practices Badge program launched Tuesday will help companies interested in adopting open source technologies evaluate proje...

Car hackers could get a life sentence under proposed anti-hacking law

nakedsecurity.sophos.com - Hacking a car in Michigan could become a felony with a life sentence, if proposed legislation introduced last week becomes law in the home state of the US auto industry. The proposed legislation, S...

Process Explorer: An introduction

Shared by Malwarebytes

blog.malwarebytes.org - When Microsoft acquired Sysinternals in 2006, one of the most famous tools it gained was Process Explorer. For Windows operating systems (OS), especially those up to and including Windows 7, Proces...

CSO and CISOs: Pursue an End-to-End Plan for Data Protection - Data Security Blog | Vormetric

Shared by Vormetric

blog.vormetric.com - Organizations that want to survive and thrive in the 21st century need every advantage they can get: top talent, top strategies and of course, top technology. Technology, after all, has helped make...

Critical Security Release for GitLab 8.2 through 8.7

Shared by strandjs

about.gitlab.com - Today we are releasing versions 8.7.1, 8.6.8, 8.5.12, 8.4.10, 8.3.9, and 8.2.5 for GitLab Community Edition (CE) and Enterprise Edition (EE). These versions contain a number of important security f...

How to recover from an Alpha ransomware attack

Shared by Graham Cluley

grahamcluley.com - A researcher has released a decryption tool for a strain of ransomware that uses a "bizarre" routine to encrypt victims' files. Last week, security researchers Michael Gillespie, Katja Hahn, S!Ri, ...

Choosing secure file transfer products for your enterprise

searchsecurity.techtarget.com - Since the earliest days of computing, there have been mechanisms for transferring files from one system to another. Unfortunately, these mechanisms, such as the File Transfer Protocol (FTP) and ema...

Ransomware Hits Utility, Shuts Down Network, Email, Phone

tripwire.com - Home » Latest Security News » Utility Company Infected with Ransomware, Shuts Down Network,… A municipal utility in Michigan reported it fell victim to a ransomware attack last week after an employ...

What a Security Evangelist does, and why you need one - Help Net Security

helpnetsecurity.com - Here is a simple truth: You can create the most revolutionary product ever, but if you can’t get word about it out, you’ll fail. Information security vendors employ security evangelists to help the...

Hacking back: A viable strategy or a major risk?

searchsecurity.techtarget.com - Organizations all over the world are concerned about protecting the information assets they need to produce products,... Enjoy this article as well as all of our content, including E-Guides, news, ...

Russian Hacker Who Stole From Banks Ordered to Pay $7 Million

Shared by Mohit Kumar

thehackernews.com - A Russian man who spent about 3 years behind bars in the United States has been spared further prison time but ordered to pay $7 Million to cover damages he caused to banks using a vicious computer...

MongoDB on breaches: Software is secure, but some users are idiots

Shared by Graham Cluley

theregister.co.uk - You shouldn't expect to see any end to data breaches caused by misconfigured instances of MongoDB soon, the company's strategy veep has told The Register. MongoDB is a fairly popular document store...

Microsoft SHA-1 Deprecation Final Countdown Begins

Shared by Threatpost

threatpost.com - The home stretch of Microsoft’s planned SHA-1 deprecation schedule has arrived. This summer, with the planned release of the Windows 10 Anniversary Update, users should see signs that the weak cryp...

Websites vulnerable to TLS certificate man-in-the-middle attacks

computing.co.uk - Popular web development languages remain vulnerable to transport layer security (TLS) spoofing and exploitation from revoked certificates, putting users at risk of man-in-the-middle attacks. That i...

"Linux Forensics" by Dr. Philip Polstra

Shared by Security Tube

createspace.com - Dr. Philip Polstra (known to his friends as Dr. Phil) is an internationally recognized hardware hacker. His work has been presented at numerous conferences around the globe including repeat perform...

Content Browser Detail

Shared by ESET

eset.com - New Version Includes Mac OS® Compatibility, Cloud and On-Premise Enhancements ESET®, a global pioneer in proactive IT security for more than two decades, today launched a new version of the ESET Re...

Rethinking Cybersecurity: A New Driver for Growth

blogs.cisco.com - All countries, cities, and businesses large and small are racing against the challenges not only to remain secure and relevant today, but also to attain and sustain long-term excellence. Each needs...

Microsoft buys Internet-of-Things company because why not?

Shared by CNET

cnet.com - When we think of the Internet of Things, stuff like Web-connected cars, key-chain finders and door locks are usually among the first things that come to mind. Microsoft is hoping to change that wit...

Use your fingerprint to unlock your phone? You just gave up some rights video

Shared by CNET

cnet.com - Use your fingerprint to unlock your phone? You just gave up some rights Questions over the 5th Amendment are raised when judges can order you to unlock a device with your print -- but you can't be ...

Fitbit CEO disses Apple Watch

Shared by CNET

cnet.com - Fitbit wearables lack the features found in smartwatches such as the Apple Watch. But that's not a bad thing, according to Fitbit CEO James Park. The Fitbit activity and fitness trackers are single...

Apple's request to sell used iPhones in India gets denied

Shared by CNET

cnet.com - Apple's bid to sell used iPhones in India has been given the thumbs-down. The company had been seeking permission to import and sell refurbished iPhones in the country. But the Indian government re...

This site uses cookies for an optimal experience. We also allow third party cookies by trusted partners. By continuing to browse the site you are agreeing to our use of cookies. To learn more and disable some specific cookies, check our Privacy policy →