The Security Daily

Technology

Flaw in Facebook Copyright Tool Earns Expert $4,000

Shared by SecurityWeek

securityweek.com - A researcher has earned a significant bug bounty after finding a severe vulnerability in Facebook’s Rights Manager copyright management tool. Rights Manager is designed to allow publishers to prote...

The Week in Ransomware- August 26 2016 - Cows, WildFire Locker, Locky, and More!

bleepingcomputer.com - Ransomware is running rampant!  This week we have 10 stories, with 6 new ransomware, a decryptor, Locky being distributed as a DLL, and more. Pop culture ransomware continues to be the "thing" as n...

Tesla Model X: The official SUV of the future

Shared by Dave Trader

engadget.com - The (nearly) eye-popping boost of supercar-esque acceleration from Tesla's $10,000 Ludicrous mode option is essentially an expensive party trick. For the price of a used Honda Civic, you can impres...

Certificate Authority Gave Out Certs For GitHub To Someone Who Just Had A GitHub Account | Techdirt

techdirt.com - For many years now, we've talked about the many different problems today's web security system has based on the model of security certificates issued by Certificate Authorities. All you need is a b...

Public Access - The Public Access Weekly: Everyday robots

Shared by Dave Trader

engadget.com - Looking for something to read? Check out:A lot of people have opinions on Uber, Lyft and the way those companies are impacting the taxi industry. To whit, Massachusetts' governor recently enacted a...

Schedule – DerbyCon 6.0 Recharge

Shared by Sarah Edwards

derbycon.com - Schedule Friday Saturday Sunday Track 1 (Break Me) Regency North Track 2 (Fix Me) Regency Center Track 3 (Teach Me) Regency South Track 4 (The 3-Way) Keeneland Track 5 (Stable Talks) Pimlico 9:00 a...

Errata Security: Notes on that StJude/MuddyWatters/MedSec thing

blog.erratasec.com - I thought I'd write up some notes on the StJude/MedSec/MuddyWaters affair. Some references: [1] [2] [3] [4]. The story so far tl;dr: hackers drop 0day on medical device company hoping to profit by ...

Answering the "So What" Question on Cyber Threat Intelligence

Shared by SecurityWeek

securityweek.com - Cyber threat intelligence comes in many different flavors that address different problems and different roles within the organization. At the end of the day, however, as with any cyber security-rel...

PS>Attack Build Tool v1.6 – an offensive PowerShell console that makes it easy for pentesters to use PowerShell. – Security List Network™

seclist.us - Changelog PS>Attack Build Tool v1.6: What’s New ++ New “UI” ++ Implemented generated strings to be passed into PS>Attack when compiled. What does it do? The PS>Attack Build Tool downloads the lates...

So, you want to work in security? – Free Code Camp

medium.freecodecamp.com - Every once in a while, I’ll get an email from an eager stranger asking for advice on how to have a career in security (computer, information, cyber… whatever). This is great! We need more passionat...

Singapore will disconnect entire civil service from the internet

Shared by Bruce Hudson

boingboing.net - Singapore, fearing cyberattacks -- especially ones related to the ongoing South China Sea cold war -- will, as of next May, disconnect its entire civil service from the internet, airgapping the who...

HackedThat: Breaking in to a hardened server via the back door

Shared by Ian Cook

polynome.co - Earlier this summer, the team at Inversoft published a comprehensive and sophisticated guide to user data security. The guide spans from hardening servers from provisioning, up through the IP and S...

SSA: Ixnay on txt msg reqmnt 4 e-acct, sry — Krebs on Security

Shared by Moix Security

krebsonsecurity.com - The U.S. Social Security Administration says it is reversing a newly enacted policy that required a cell phone number from all Americans who wished to manage their retirement benefits at ssa.gov. T...

Missouri S&T expert to present at Governor’s Cybersecurity Summit

news.mst.edu - A computer science professor from Missouri University of Science and Technology will join top government hackers, corporate risk managers and information technology professionals at the inaugural G...

How will driverless cars make life or death choices? Google exec admits he doesn't know

cnet.com - Technically Incorrect offers a slightly twisted take on the tech that's taken over our lives. I think of morality as a feather that shifts in the wind and occasionally brushes your face delightfull...

Cyber Career Connection

Shared by Symantec

symantec.com - Your Information Cyber Career Connection Collaborating to Build the Workforce of Tomorrow Twenty-six year old Michael from the Bronx never envisioned himself pursuing a career in cybersecurity but ...

Improving the Status of Women in Cybersecurity -

theprivacyguru.com - Shouldn’t the technology which touches all of our lives include perspectives across the gender spectrum? Wouldn’t we collectively benefit from a wider range of life experiences brought to bear on t...

Nintendo on its theme park plans -- 'It's a huge opportunity'

Shared by CNET

gamespot.com - Nintendo is bringing its franchises and characters to Universal Studios theme parks in Florida and Japan. While these parks have yet to open and specific rides and attractions have not been announc...

How to stop WhatsApp from sharing your data with Facebook

Shared by CNET

cnet.com - For the first time in four years and since being acquired by Facebook, WhatsApp is updating its terms and conditions, as well as its privacy policy. Part of this update includes WhatsApp sharing yo...

Is the Reality of Self-Driving Cars Safe ... Yet? - Rewrite

ca.com - But all joking aside, it’s pretty obvious that technology and software innovations are driving a driverless world. For Pittsburg Ubers, that’s dozens of sensors using cameras, lasers, radar and GPS...

All Courses - Full Listing

Shared by Security Tube

pentesteracademy.com - This course will teach you Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administ...

IoT Blindness Strikes More than Half of All Enterprises - Datamation

datamation.com - Add sheer visibility to the growing list of concerns surrounding the explosive growth of the Internet of Things (IoT). Tripwire recently surveyed over 220 security professionals at this year's Blac...

Update iPhone to iOS 9.3.5; Prevent this Highly Sophisticated Spyware

hackread.com - Apple’s iPhones are always in demand and the preferred choice of gadget-savvy users around the world but, we cannot ignore the fact that iPhone is the most widely attacked smartphone from both indi...

65% of IT Leaders Expect Serious Data Breach to Hit Their Business Within the Next Year

itsecurityguru.org - Okta, the leading provider of identity and device management for the cloud and mobile enterprise, today announced the findings of its first Secure Business Agility report. Based on data compiled fr...

Startup Website Security And WordPress Vulnerability

Shared by Dejan Kosutic

tripwire.com - You, a creative entrepreneur with a great idea, finally launch a business. As a startup, having your own website is essential in conducting business. Startups must always take extra precaution when...

Another Forensics Blog: Safari Binary Cookies - Now with more parsing power!

Shared by SANS DFIR

az4n6.blogspot.com - Safari stores cookies in a file called Cookies.binarycookies under the location ~/Library/Cookies/Cookies.binarycookies. In earlier versions of Safari, cookies were stored in a plist file which cou...

Patch Now! Apple Closes Up Three iOS Vulns Exploited by Spyware Kit

tripwire.com - Listen up, iOS users! Apple has fixed three vulnerabilities in its mobile operating system that were sold with and exploited by a spyware kit. On 25 August, Apple released iOS 9.3.5. The upgrade pl...

​Monitoring SSL traffic now everyone's concern: A10 Networks | ZDNet

Shared by TEAM CYMRU

zdnet.com - As usage of Secure Sockets Layer (SSL) moves beyond the login page or banking website and out into the wider web, Tim Blombery, Systems Engineer at security firm A10 Networks, believes monitoring S...

NSO, Who Are You? Secret Software Group Behind iPhone Hack Scrutinized

Shared by Ian Cook

sputniknews.com - "It is responsible for many unique developments on both mobile and PC environments. The company also specializes in creating highly sought solutions in the mobile and PC controlled environments." N...

This App Can Tell if an iPhone Was Hacked With Latest Pegasus Spy Malware

Shared by Ian Cook

variety.com - Got an iPhone? Then you should update it to the latest version of iOS right away: iOS 9.3.5, which was released by Apple Thursday, closes three critical security vulnerabilities that were used by a...

List of Cyber Threat "Wake-Up Calls" Growing

Shared by Bob Gourley

ctovision.com - The list below is an update to our reference of "Cyber Security Wake-Up Calls."  What does it take to be on the list? Generally each of the events below was so significant policy makers were loudly...

'One of the most sophisticated pieces of cyberespionage software' uncovered at Citizen Lab

Shared by Ian Cook

mashable.com - An extremely advanced hack exploiting three iOS vulnerabilities in iPhones was recently uncovered by researchers at digital rights watchdog group Citizen Lab and mobile security company Lookout.  C...

ENISA: Security of Things important for CIIs

Shared by Ian Cook

welivesecurity.com - The Security of Things is set to become a key feature in the fight against cybercriminals, according to a new report by the European Union Agency for Network and Information Security (ENISA). Its p...

Cyber Cold War: Unmasking the ‘Russian Hacker’

cbronline.com - Hackers have certainly been pushed front and centre into the public eye recently. The New York Times, the World Anti-Doping Agency, Hilary Clinton and the Democratic National Convention are just a ...

Tulsa cyber security expert urges iPhone users to upgrade operating system after vulnerabilities exposed

tulsaworld.com - Related story: Apple releases security update after activist discovers iPhone spyware While it may seem an Israeli digital arms dealer's attempts to exploit vulnerabilities in iPhones mostly target...

PhishLabs Honored As a Top-Performing Company in South Carolina

prweb.com - PhishLabs, the leading provider of 24/7 cybersecurity services that protect against the exploitation of people, today announced the company has been recognized in the 2016 Roaring Twenties list of ...

Why online privacy matters — and how to protect yours

Shared by Bruce Hudson

ideas.ted.com - As the principal technologist at the American Civil Liberties Union, Christopher Soghoian (TED talk: How to avoid surveillance … with the phone in your pocket) spends much of his time thinking abou...

5 Types of Malware & How To Remove Them

Shared by SecureNinja

cybersecurityzen.com - 5 Common Types of Malware & How You Can Remove Them Malware, a shortened combo of the words ‘malicious software’ is a hot topic in cybersecurity these days. Not only has malware affected the safety...

Malware Infected All Eddie Bauer Stores in U.S., Canada — Krebs on Security

Shared by Moix Security

krebsonsecurity.com - Clothing store chain Eddie Bauer said today it has detected and removed malicious software from point-of-sale systems at all of its 350+ stores in North America, and that credit and debit cards use...

The mistake that made the DNC hack possible

Shared by Vormetric

dailydot.com - If Donald Trump becomes president of the United States, many will undoubtedly point their regular-sized fingers at the leak of nearly 20,000 emails stolen from the Democratic National Committee as ...

Q&A: Interview with a Hacker Hunter – Practically Unhackable

Shared by Sophos

medium.com - About a year and a half ago, my mom got hacked. A virus known as CryptoWall infiltrated her computer and encrypted all of her files. In order to get them back, she had to deliver a ransom of $500 i...

Tips for Securing SSL Renegotiation - McAfee

Shared by Kimberly

blogs.mcafee.com - A number of Internet connections require SSL renegotiation, a Secure Sockets Layer/Transport Layer Security process that allows the changing of the details of a handshake after a connection is made...

United Airlines Sets Minimum Bar on Security — Krebs on Security

Shared by Moix Security

krebsonsecurity.com - United Airlines has rolled out a series of updates to its Web site that the company claims will help beef up the security of customer accounts. But at first glance, the core changes — moving from a...

Ready to run Windows programs on Android tablets and Chromebooks?

androidauthority.com - This article was originally published on our sister site TabTimes. CrossOver is a program that allows you to run Windows programs on non-Windows platforms. The developers have been trying to bring ...

The media becomes the story as hackers focus efforts on news organizations

scmagazine.com - News reports yesterday that the New York Times and other news organizations were attacked by hackers should not only come as no surprise, but industry insiders believe news organizations should pre...

Avoiding a bleak cybersecurity scenario

Shared by Gigamon

csoonline.com - Almost three out of four organizations suffered at least one security breach or incident in the past year. If your organization didn’t number among the victims, consider yourself lucky; Gartner pre...

Your Next Doctor’s Appointment Might be On WhatsApp

Shared by Bev Robb

fortune.com - When messaging service WhatsApp announced in April that it would adopt end-to-end encryption, it rankled law-enforcement agencies worldwide (Brazilian officials briefly shut down the Facebook-owned...

AWS Security Best Practice #0: CloudTrail and Encryption

Shared by Evident.io

cloudsentry.evident.io - Moving your architecture to AWS in whole or part also means that your team reaps the rewards of new changes and services that are sometimes deployed very rapidly.  This is a distinguishing feature ...

40,000 NFC-connected Malibu bottles are heading to Tesco stores

internetofbusiness.co.uk - Rum drinks maker Malibu is taking thousands of NFC tagged bottles into Tesco retail stores, in a bid to drive closer engagement with its younger buyers. Cocktail drinks manufacturer Malibu will pus...

This site uses cookies for an optimal experience. We also allow third party cookies by trusted partners. By continuing to browse the site you are agreeing to our use of cookies. To learn more and disable some specific cookies, check our Privacy policy →