Security

ComputerWorldIndependent

Android gets patches for critical OpenSSL, media server and kernel driver flaws

Credit to Author: Lucian Constantin| Date: Tue, 07 Mar 2017 08:37:00 -0800

A five-month-old flaw in Android’s SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS.

The first set of patches, known as patch level 2017-03-01, is common to all patched phones and contains fixes for 36 vulnerabilities, 11 of which are rated critical and 15 high. Android vulnerabilities rated critical are those that can be exploited to execute malicious code in the context of a privileged process or the kernel, potentially leading to a full device compromise.

One of the patched vulnerabilities is located in the OpenSSL cryptographic library and also affects Google’s newer BoringSSL library, which is based on OpenSSL. What’s interesting is that the flaw, identified as CVE-2016-2182, was patched in OpenSSL back in September. It can be exploited by forcing the library to process an overly large certificate or certificate revocation list from an untrusted source.

ComputerWorldIndependent

WikiLeaks' CIA document dump shows agency can compromise Android, TVs

Credit to Author: Grant Gross| Date: Tue, 07 Mar 2017 08:22:00 -0800

WikiLeaks has released more than 8,700 documents it says come from the CIA’s Center for Cyber Intelligence, with some of the leaks saying the agency had 24 “weaponized” and previously undisclosed exploits for the Android operating system as of 2016.

Some of the Android exploits were developed by the CIA, while others came from the U.S. National Security Agency, U.K. intelligence agency GCHQ, and cyber arms dealers, according to the trove of documents released Tuesday. 

Some smartphone attacks developed by the CIA allow the agency to bypass the encryption in WhatsApp, Confide, and other apps by collecting audio and message traffic before encryption is applied, according to the WikiLeaks analysis.

SecurityTrendMicro

Trend Micro Protects Its Customers in 2016

Credit to Author: Jon Clay| Date: Tue, 07 Mar 2017 14:00:41 +0000

Much of the data that is included in our 2016 security roundup report, A Record Year for Enterprise Threats, comes from the Trend Micro™ Smart Protection Network™ infrastructure. This is where our global threat intelligence resides and where we provide much of our protection capabilities for our customers. Trend Micro has 500,000 commercial customers and…
