Fragmentation: the silent killer in security management
Credit to Author: Ryan Francis| Date: Mon, 20 Mar 2017 10:28:00 -0700

7 universal rules of threat intelligence
Credit to Author: Ryan Francis| Date: Mon, 20 Mar 2017 10:00:00 -0700

Private photos of more celebrities leaked in Fappening 2.0

Credit to Author: Darlene Storm| Date: Mon, 20 Mar 2017 09:51:00 -0700
Here we go again with another round of The Fappening, which was also known as Celebgate.
The Fappening 2.0, or Celebgate 2.0, started with private photos of Emma Watson and Amanda Seyfried circulating on the “dark web” and then 4chan last week before the images made it to Reddit.
Softpedia reported that more private images of celebrities are also circulating online, including pictures of the following actresses and models: “Rose McGowan (actress), Katie Cassidy (actress), Alyssa Arce (model), Rhona Mitra (actress), Analeigh Tipton (figure skater & actress), Iliza Shlesinger (comedian), Jilliain Murray (actress), Paige (WWE star), Dylan Penn (model, daughter of Sean Penn), Kristanna Loken (actress), April Love Geary (model), Trieste Kelly Dunn (actress), and Lili Simmons (actress).” The article claims that the leak also included footage of at least one celebrity engaging in sexual acts.
FBI confirms probe of Russian hack of U.S. election, possible Trump involvement

Credit to Author: Grant Gross| Date: Mon, 20 Mar 2017 08:36:00 -0700
The FBI is actively investigating Russia’s attempts to influence the 2016 U.S. presidential election and possible cooperation from President Donald Trump’s campaign, agency director James Comey confirmed.
The existence of an investigation isn’t a surprise, but Comey’s announcement Monday is the first time the FBI has acknowledged an active case. The FBI typically does not comment on active investigations, but the Russian actions targeting the U.S. election represent an “unusual” case, he told members of the House of Representatives Intelligence Committee.
Comey told lawmakers he couldn’t comment more on the investigation, but he said the FBI is looking into possible contacts and cooperation between the Trump campaign and the Russian government. The FBI is looking into “the nature of any links” between the Trump campaign and the Russian government, he said.
Cebit showcases security after Snowden

Credit to Author: Peter Sayer| Date: Sun, 19 Mar 2017 23:00:00 -0700
It’s been almost four years since Edward Snowden leaked U.S. National Security Agency documents revealing the extent of the organization’s surveillance of global internet traffic, but he’s still making the headlines in Germany.
At the Cebit trade show in Hannover, Germany, he’ll be looking back at that period in a live video interview from Moscow on Tuesday evening.
There have been a lot of changes on the internet in those four years, but one of the biggest is the growth in the use of encryption.
In 2013, the NSA had free rein and could listen in on almost any communication it wanted. Now, it’s commonplace to encrypt traffic to webmail services and even popular websites such as Microsoft.com or Google.com using the https protocol. And you don’t have to be an enemy of the state to use an end-to-end encrypted messaging system such as WhatsApp simply to chat with friends.
Ubiquiti called out for security flaw
Credit to Author: Michael Horowitz| Date: Sun, 19 Mar 2017 18:48:00 -0700
When it comes to evaluating networking devices (routers, Access Points, switches), almost everyone focuses on the hardware. Not me. My RouterSecurity.org site is devoted to software.
But, there is yet another crucial aspect to evaluating devices – the personality of the company behind it. Specifically, how it reacts to the inevitable software flaws.
At the end of 2016 assorted bugs in Netgear routers were made far worse by the company’s slow reaction. Now, Netgear has a whole new procedure for dealing with bug reports. Time will tell how well it works.
This week, the focus is on Ubiquiti Networks. Over at SmallNetBuilder.com, Tim Higgins just reviewed their latest access points and started off the review pointing out how popular Ubiquiti access points are with the Ars Technica crowd.
SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE

Credit to Author: Maor Schwartz| Date: Sun, 19 Mar 2017 08:05:05 +0000
Vulnerability Summary: The following advisory describes an Information Disclosure vulnerability found in Oracle Knowledge Management version 8.5.1. By enabling searches across a wide variety of sources, Oracle’s InQuira knowledge management products offer simple and convenient ways for users to access knowledge that was once hidden in the myriad systems, applications, and databases used to store enterprise content. …
BlackBerry preps a more secure Samsung Galaxy S7

Credit to Author: Peter Sayer| Date: Sun, 19 Mar 2017 10:58:00 -0700
Secusmart, the BlackBerry subsidiary that secures the German Chancellor Angela Merkel’s smartphone, will roll out a version of its SecuSuite security software compatible with Samsung Electronics’ Knox platform later this year.
That means that organizations looking for smartphones offering government-grade security will be able to buy the Samsung Galaxy S7 or, soon, the S8 rather than the now-discontinued BlackBerry OS smartphones like the one Merkel uses.
In addition to encrypting communications and data stored on the device, the new SecuSuite also secures voice calls using the SNS standard set by Germany’s Federal Office for Information Security (BSI). Organizational app traffic is passed through an IPsec VPN, while data from personal apps can go straight to the internet. Encrypted voice calls go through a different gateway, not the VPN.