RSS Reader for Computer Security Articles
Credit to Author: BrianKrebs| Date: Sat, 08 Dec 2018 01:38:49 +0000
The alleged ringleader of a gang of cyber hooligans that made bomb threats against hundreds of schools and launched debilitating denial-of-service attacks against Web sites (including KrebsOnSecurity on multiple occasions) has been sentenced to three years in a U.K. prison, and faces the possibility of additional charges from U.S.-based law enforcement officials.
Read More
Credit to Author: JR Raphael| Date: Thu, 06 Dec 2018 09:21:00 -0800
Got Fi? Google’s unusual wireless service may have shifted its name from Project Fi to Google Fi this fall, but its core proposition remains the same: Pay only for the data you use, and avoid all the traditional carrier gotchas and nonsense.
For the right kind of person, especially among those of us on Android, Fi can be a real cost- and hassle-saver. And aside from its most prominently promoted perks — the seamless network-switching, the public Wi-Fi use, the fee-free roaming and hotspot capabilities, and so on — Fi has some pretty interesting out-of-the-way options that can really elevate your experience.
Credit to Author: Jonny Evans| Date: Thu, 06 Dec 2018 07:00:00 -0800
Imagine using Face ID on your iPhone alongside a password and Touch ID on your computer in order to access highly secure websites, such as online banks, enterprise intranets and confidential online data services.
That’s a possibility as Apple begins testing a new security standard called WebAuthn.
Apple has begun beta-testing support for the standard in Safari Technology Preview Release 71, thought it does warn this support is an “experimental feature”, so it may go no further than that.
Credit to Author: Lucas Mearian| Date: Wed, 05 Dec 2018 03:01:00 -0800
In a joint report for the Monitoring, Evaluation, Research and Learning (MERL) Technology conference this fall, researchers who studied 43 blockchain use cases came to the conclusion that all underdelivered on claims.
And, when they reached out to several blockchain providers about project results, the silence was deafening. “Not one was willing to share data,” the researchers said in their blog post.
Credit to Author: BrianKrebs| Date: Tue, 04 Dec 2018 21:45:51 +0000
Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefile users interpreted this as a breach at Citrix and/or Sharefile, but the company maintains that’s not the case. Here’s a closer look at what happened, and some ideas about how to avoid a repeat of this scenario going forward.
Read More
Credit to Author: BrianKrebs| Date: Mon, 03 Dec 2018 17:25:58 +0000
The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers.
Read More
Credit to Author: SSD / Ori Nimron| Date: Sun, 02 Dec 2018 13:08:59 +0000
Vulnerabilities Summary QuartzCore ( https://developer.apple.com/documentation/quartzcore ), also known as CoreAnimation, is a framework use by macOS and iOS to build an animatable scene graph. CoreAnimation uses a unique rendering model where the graphics operations are run in a separate process. On macOS, the process is WindowServer and on iOS the name is backboardd. Both of … Continue reading SSD Advisory – iOS/macOS Safari Sandbox Escape via QuartzCore Heap Overflow
Read More
Credit to Author: BrianKrebs| Date: Sat, 01 Dec 2018 21:16:13 +0000
We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised.
Read More