The Security Daily

Technology

Network Time Protocol Vulnerabilities

Shared by
Dan Kaminsky

ics-cert.us-cert.gov - Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple vulnerabilities with CERT/CC concerning the Network Time Protocol (NTP). As NTP is widely used within oper...

Microsoft takes action against tech support scammers

Shared by
Microsoft

amp.twimg.com - Tech support scams are not a new phenomenon. Scammers have been peddling useless security software for years, tricking people into spending millions of dollars on non-existent computer problems.

Hackers Can Read Your Private SMS and Listen to Phone Calls - Hacker News

Shared by
Mohit Kumar

thehackernews.com - Security researchers have discovered a massive security flaw that could let hackers and cybercriminals listen to private phone calls and read text messages on a potentially vast scale – no matter i...

How to hide, rearrange Instagram filters - CNET

Shared by
CNET

cnet.com - On Tuesday Instagram announced an update for both its iOS and Android apps. Headlining the changelog was the addition of five new filters, all of which take a subtle approach to enhancing a photo. ...

Most Popular Interviews of 2014

Shared by
Lifehacker

lifehacker.com - Every week we have the pleasure of highlighting some of our productivity heroes, from company CEOs to artists and writers who manage to accomplish more than any reasonable human being should. Let's...

How to disable phone calls on your iPad - CNET

Shared by
CNET

cnet.com - With OS X 10.10 Yosemite, Apple introduced its Continuity feature that lets you field phone calls and text messages from your iOS devices and Mac. I enjoy being able to respond to texts from my Mac...

Cisco's John Chambers on Smart Garbage, Self-Awareness, and the Future of Tech Companies

Shared by
Cisco Security

inc.com - One of the easiest ways to look foolish is to start making predictions about the future. But when Peter Diamandis, Esther Dyson, John Chambers, and other forward thinkers offer their thoughts about...

Three Sets of Sony Headphones for Under $20, Today Only

Shared by
Lifehacker

deals.kinja.com - Amazon has a selection of very very cheap Sony Headphones today. Granted, these aren't going to blow anyone away with their sound or build quality, but they'll make a nice set of backups, or a chea...

Need a new size? Just tap the mirror - CNET

Shared by
CNET

cnet.com - In a place where fashion comes first, tech is coming in at a close second. In major department stores and small boutiques, the dressing room is getting a high-tech makeover. CNET.com's Kara Tsuboi ...

Router Vulnerability Puts 12 Million Home and Business Routers at Risk - Hacker News

Shared by
The Hacker News

thehackernews.com - More than 12 million routers in homes and businesses around the world are vulnerable to a critical software bug that can be exploited by hackers to remotely monitor users’ traffic and take administ...

Surprising apps in 2014 you may have missed - CNET

Shared by
CNET

cnet.com - At the end of every year, CNET gives you top lists for products such as the best cameras, the best phones, and the best televisions, but with smartphone apps it's a little more difficult to make th...

Sued by Google, a State Attorney General Retreats - NYTimes.com

Shared by
Kevin Mitnick

nytimes.com - Attorney General Jim Hood of Mississippi on Friday agreed to call a “time out” in his fight with Google after the Internet giant filed a lawsuit accusing him of conspiring with the movie industry. ...

Use Roundme to view, share interactive panoramic photos - CNET

Shared by
CNET

cnet.com - Photos have a way of making you feel as if you were there when the picture was captured. Panoramic photos, especially, have a way of amplifying this feeling by capturing the entire atmosphere and s...

Solo attacker likely responsible for phishing campaign, delivering Zeus variant - SC Magazine

Shared by
SCMagazine

scmagazine.com - Phishing emails, a phishing kit and phony browser alerts are being used to steal credentials and deliver a variant of the Zeus trojan, and researchers with PhishLabs – the security firm that identi...

Top-rated reviews of the week (pictures) - CNET

Shared by
CNET

cnet.com - We're getting to the final stretch of the year, but that doesn't mean CNET editors didn't have some noteworthy products to review. This week, we have not one but two toasters, a pretty impressive g...

Best Buys That Could Lead to the Worst Shams - Security News - Trend Micro USA

Shared by
Trend Micro

trendmicro.com - Last year was a good time to shop for smartphones, tablets, toys, video games, and cameras and these popular items got a lot of online hits. Unfortunately, there were a lot of web threats that were...

Tesla tentatively tests battery swap plan - CNET

Shared by
CNET

cnet.com - Last year Tesla showed it could swap the big battery pack in its Model S sedans faster than you can fill the tank in an Audi A6. Today, the electric car manufacturer posted a blog entry noting it w...

Dr. Cleaner: Trend Micro’s Free Utility App Will Optimize Your Mac’s Disk and Memory -

Shared by
Trend Micro

blog.trendmicro.com - In the spirit of the holiday giving season, Trend Micro is happy to provide a free utility app to Apple Mac users called Dr. Cleaner. Among the Mac apps we examined, only Dr. Cleaner does both memo...

Git client discloses critical security vulnerability - SC Magazine

Shared by
SCMagazine

scmagazine.com - A critical security vulnerability in Git client that affects all related software that interacts with Git repositories, including GitHub for Windows and GitHub for Mac was announced on Thursday. Th...

Researchers Make BitTorrent Anonymous and Impossible to Shut Down

Shared by
RSnake

torrentfreak.com - The Pirate Bay shutdown has once again shows how vulnerable the BitTorrent ‘landscape’ is to disruptions. With a single raid the largest torrent site on the Internet was pulled offline, dragging do...

Obama promises U.S. response to Sony attack, says company made mistake - SC Magazine

Shared by
SCMagazine

scmagazine.com - Pledging a U.S. response to the Sony Pictures hack, which the FBI blamed on North Korea, President Obama nevertheless said the movie company “made a mistake” in canceling the Christmas Day debut of...

Staples: Hack may have affected more than a million payment cards - CNET

Shared by
CNET

cnet.com - Office supply chain Staples said Friday that a hack attack on some of its retail outlets earlier this year may have affected 1.16 million payment cards used by customers, giving attackers access to...

Is North Korea Really Behind the Sony Breach?

Shared by
Kaspersky Lab

blog.kaspersky.com - The Sony breach certainly seems to be the gift that keeps on giving this holiday season. And if the commonly accepted narrative reflects the truth, this whole nightmare scenario stems from what pro...

The Evidence That North Korea Hacked Sony Is Flimsy

Shared by
daveaitel

wired.com - Today Sony canceled the premiere of “The Interview” and its entire Christmas-Day release of the movie because of fears that terrorists might attack theaters showing the film. The actions show just ...

Javascript for Pentesters « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - Javascript for Pentesters will take you beyond alert(‘XSS’) and equip you to demonstrate advanced attacks such as Hijacking Forms, Logging Keystrokes, DOM manipulation etc. This course is Beginner ...

McAfee: Cyberattacks Will Not Slow in 2015

Shared by
Intel Security Biz

wsj.com - This transcript has been automatically generated and may not be 100% accurate. ... our online worlds of mild malefactors are evolving with its in the future cyberespionage and that is going to be e...

How to set up and customize Stacks in OS X - CNET

Shared by
CNET

cnet.com - Stacks have been around since OS X 10.5 Leopard, lending the ability to drag folders to your Mac's Dock for quick and convenient access. A stack provides one-click access to a folder's contents. It...

A Breakdown and Analysis of the December, 2014 Sony Hack

Shared by
Dave Kennedy (ReL1K)

riskbasedsecurity.com - Note: This article is being updated almost daily with new developments regarding the leaks from the Sony Pictures breach. Changelog of updates: The Beginning (November 24) Second Round of Leaks (De...

40,000 federal employees impacted by contractor breach - SC Magazine

Shared by
SCMagazine

scmagazine.com - The personal information of more than 40,000 federal workers may be at risk following a data breach at KeyPoint Government Solutions, a prominent federal contractor. Employees were notified that th...

Android Hacking and Security, Part 17: Cracking Android App Binaries - InfoSec Institute

Shared by
InfoSec Institute

resources.infosecinstitute.com - In this article, we will see how a developer can perform basic checks to programmatically detect if the app is running on an emulator and stop executing the app if an emulator is detected. We will ...

Anatomy of a NYT Piece on the Sony Hack and Attribution

Shared by
Dave Kennedy (ReL1K)

jerichoattrition.wordpress.com - There is a lot of back-and-forth over who hacked Sony Pictures Entertainment. For a not-so-brief summary, here is an extensive timeline to catch you up. I am going to drill down on a single point a...

SwishDbgExt goes open-source.

Shared by
Matt Suiche

msuiche.net - As the world is shaking because North Korea is intimidating American public companies with “the most sophisticated” cyber-attacks ever seen, I figured it would be a good timing to support intellige...

Former employees sue Sony, theaters drop 'The Interview' - SC Magazine

Shared by
SCMagazine

scmagazine.com - As threats of violence from attackers who claim to have brought down Sony Pictures Entertainment's networks prompted movie theaters to drop the film “The Interview,” a pair of what are likely to be...

How to create and deploy smart folders in OS X - CNET

Shared by
CNET

cnet.com - Smart folders in OS X are one of those features that you may not bother to learn how to use, but once you do, you fail to see how you ever lived without them. Smart folders display files by search ...

Learn Pentesting Online

Shared by
Security Tube

pentesteracademy.com - This course will teach you Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administ...

Pocket List: Security

Shared by
Fabio Assolini

getpocket.com - The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) se...

Bad Character Hunting: MicroP

Shared by
Security Tube

pentesteracademy.com - Topics / Exploiting Simple Buffer Overflows on Win32/ Bad Character Hunting: MicroP × This is a Free Video! For just $39 a month get ALL premium course videos! Downloads Videos from Exploiting Simp...

FCC proposal removes hurdle for online TV providers - CNET

Shared by
CNET

cnet.com - Cord-cutters should rejoice this holiday season as the Federal Communications Commission proposes changes to rules that would treat companies distributing TV programming online the same as it treat...

Assembly Language and Shellcoding on Linux « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - The SecurityTube Linux Assembly Expert (SLAE) aims to teach the basics of assembly language on the Linux platform from a security perspective and its application to writing shellcode, encoders, dec...

Heads up! If Tor VANISHES over the weekend, this is why • The Register

Shared by
Kimberly

theregister.co.uk - The Tor Project is warning that its network – used by netizens to mask their identities on the internet – may be knocked offline in the coming days. In a Tor blog post, project leader Roger "arma" ...

Errata Security: Sony hack was the work of SPECTRE

Shared by
Andre M. DiMino

blog.erratasec.com - The problem with hacking is that people try to understand it through analogies with things they understand. They try to fit new information into old stories/tropes they are familiar with. This does...

Apple wins class-action lawsuit over iPod copyright management - SC Magazine

Shared by
SCMagazine

scmagazine.com - Apple won a class-action lawsuit that alleged they had used a software update to ensure iPod owners could only play songs sold in the iTunes Store or downloaded from CDs. The federal court jury too...

Oh, there's no place like home for the holidays

Shared by
GFI Software

gfi.com - Oh, there’s no place like home for the holidays, For no matter how far away you roam While you long for a break from your IT job For IT support – your family looks to you! With the holiday season u...

3 Simple Ways to Fix Cart Abandonment

Shared by
Moblized

moblized.com - Abandonment is one of those performance metrics that is a grim reminder of lost revenue. It’s a depressing thought: that a significant portion of your users will leave without making a purchase. It...

Leaked Sony IT Evaluations: "There Is No Overall Strategy"

Shared by
Phil Agcaoili

gizmodo.com - We already knew that, mere months before hackers attacked Sony, the company's execs were aware of extensive issues plaguing its IT department. Now, leaked 2012 evaluations from Sony IT employees sh...

Barrett Brown sentencing delayed until January - SC Magazine

Shared by
SCMagazine

scmagazine.com - Barrett Brown showed up in a federal courtroom in Dallas Tuesday for sentencing on charges of threatening an FBI agent in a YouTube video and misdemeanor obstruction, only to learn after several ho...

In the tech industry, timing is everything

Shared by
GFI Software

gfi.com - Nobody wants to be an also-ran. You know it has to be frustrating when another company comes up with a great, innovative idea that really takes off, and your company is left trying to play catch-up...

What, when and who? Auditing 101 - Part 3 - SQLServerCentral

Shared by
Allen White

sqlservercentral.com - In the previous two articles of this series, we looked at Change Tracking and Change Data Capture. In this article we will take a look at another technique available in SQL Server 2008 and higher. ...

Happy holidays, thanks, and a request from Naked Security to you

Shared by
Bev Robb

nakedsecurity.sophos.com - It's that time of year when many of our Naked Security writers go on a little break, so you might notice we'll be a bit quieter for the next couple of weeks. It's been a busy year for us here. In n...

For the US connected classroom, a leap forward - CNET

Shared by
CNET

cnet.com - Wi-Fi, for many of us, has become integrated into every facet of our lives -- at home, at work, and at the coffee shop. But one place that should have lightning-fast Internet access too often doesn...