Free Republic 3rd Quarter Fundraising Target: $88,000 Receipts & Pledges to-date: $30,214
34%  
Woo hoo!! And the first 34% is in!! Thank you all very much!!

Keyword: security

Brevity: Headers | « Text »
  • CISA: the dirty deal between Google and the NSA that no one is talking about

    07/29/2015 10:43:18 PM PDT · by Brad from Tennessee · 4 replies
    The Hill ^ | July 29, 2015 | By Evan Greer and Donny Shaw
    One of the things that civil liberties activists like to lament about is that the general public seems to care more about Google and Facebook using their personal data to target advertising than the government using it to target drone strikes. The reality is that both types of abuse are dangerous, and they work hand in hand. It’s hard to find a more perfect example of this collusion than in a bill that’s headed for a vote soon in the U.S. Senate: the Cybersecurity Information Sharing Act, or CISA. CISA is an out and out surveillance bill masquerading as a...
  • Experian Hit With Class Action Over ID Theft Service

    07/21/2015 2:17:21 PM PDT · by snarkpup · 1 replies
    Krebs on Security ^ | July 21, 2015 | Brian Krebs
    Big-three credit bureau Experian is the target of a class-action lawsuit just filed in California. The suit alleges that Experian negligently violated consumer protection laws when it failed to detect for nearly 10 months that a customer of its data broker subsidiary was a scammer who ran a criminal service that resold consumer data to identity thieves.
  • The US agency plundered by Chinese hackers made one of the dumbest security moves possible

    07/12/2015 12:37:06 AM PDT · by Libloather · 47 replies
    Business Insider ^ | 6/18/15 | Natasha Bertrand
    Contractors in Argentina and China were given "direct access to every row of data in every database" when they were hired by the Office of Personnel Management (OPM) to manage the personnel records of more than 14 million federal employees, a federal consultant told ArsTechnica. The massive breach of OPM's database — made public by the Obama administration this month — prompted speculation over why the agency hadn't encrypted its systems, which contain the sensitive security clearance and background information for intelligence and military personnel. Encryption, however, according to Ars, would not have helped in this case because administrators responsible...
  • No One Is Safe: $300 Gadget Steals Encryption Keys out of the Air, and It’s Nearly Unstoppable

    07/08/2015 6:56:44 PM PDT · by 2ndDivisionVet · 27 replies
    BGR ^ | July 8, 2015 | Zach Epstein
    Just when you thought you were safe, a new hacking toy comes along and rocks your world. Imagine a tool exists that lets hackers pluck encryption keys from your laptop right out of the air. You can’t stop it by connecting to protected Wi-Fi networks or even disabling Wi-Fi completely. Turning off Bluetooth also won’t help you protect yourself. Why? Because the tiny device that can easily be hidden in an object or taped to the underside of a table doesn’t use conventional communications to pull off capers. Instead it reads radio waves emitted by your computer’s processor, and there’s...
  • Apple issues large patch set to shore up OS X, iOS security

    07/01/2015 7:00:32 PM PDT · by Utilizer · 12 replies
    iTnews (AUS) ^ | Jul 1, 2015 6:02 P (AUS) | Juha Saarinen
    Apple has quietly included a large amount of security fixes in its latest set of patches for its OS X and iOS operating systems, plugging some serious, high-profile vulnerabilities in its code. A tally of the common vulnerability and exposures (CVE) tags in the OS X Yosemite 10.10.4, Security Update 2015-005 and Safari 8.0.7 update packages showed 80 vulnerabilities have been patched by Apple. These range from a flaw that allowed attackers to write to the low-level extensible firmware interface (EFI) - which manages the hardware in Mac computers - when the systems resume from sleep. The EFI zero-day was...
  • Warning: Windows 10 will share your Wi-Fi key with your friends' friends (and FB friends, and...)

    06/30/2015 7:07:24 PM PDT · by dayglored · 46 replies
    The Register ^ | June 30, 2015 | Simon Rockman
    A Windows 10 feature, Wi-Fi Sense, smells like a security risk: it shares access to password-protected Wi-Fi networks with the user's contacts. So giving a wireless password to one person grants access to everyone who knows them. That includes their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, their Facebook friends. There is method in the Microsoft madness – it saves having to shout across the office or house “what’s the Wi-Fi password?” – but ease of use has to be tamed with security. If you wander close to a wireless network, and your friend knows the password,...
  • Microsoft won't fix Internet Explorer zero-day

    06/26/2015 7:36:19 PM PDT · by Utilizer · 47 replies
    iTnews (AUS) ^ | Jun 24, 2015 9:27 AM (AUS) | Allie Coyne, Juha Saarinen
    HP researchers have published details and proof-of-concept exploit code for a number of zero-day vulnerabilities in Microsoft's Internet Explorer web browser which allow attackers to bypass a key exploit mitigation. The researchers - part of HP's zero-day initiative team - have a policy to only disclose details of bugs reported to vendors after patches are issued. But the team decided to go public after being informed by Microsoft that it did not intend to fix the bugs as the company feels the vulnerabilities don't affect enough users. The flaws were serious enough, however, for Microsoft to earlier award the HP...
  • Local churches look to increase security measures in the aftermath of the Charleston shooting

    06/19/2015 12:43:55 PM PDT · by 2ndDivisionVet · 29 replies
    KFOX-TV ^ | June 18, 2015 | Meghan Lopez
    In the aftermath of a shooting at a church in Charleston, South Carolina, that left nine people dead and three others injured, religious groups in Texas are looking for ways to protect their parishioners. Pastor Eric Hallback Sr. from the Rock Faith Center was in bible study when word came of the Charleston tragedy. He said he turned to his faith when heard what happened. “I immediately began to pray for peace and comfort for the families,” he said. Hallback said he understands that people be more worried when they attend church this weekend and there may be a sense...
  • We Need 65,000 Syrian Refugees Here, Really?

    06/18/2015 12:11:07 PM PDT · by RightSideNews · 37 replies
    Virginia Free Citizen ^ | June 18, 2015 | Suzanne Shattuck
    The US Department of State, DHS, and 14 Democrat Senators, including Senator Kaine (see his press release), are begging for 65,000 Syrian refugees to be settled in our communities and without your consent. Virginia only has 17 Syrian refugees at last count, so is Virginia under review for the next huge wave? As thousands of new immigrants are slated to arrive over the next few years, the chances of rubbing shoulders with Islamic terrorists increase dramatically. According to Refugee Resettlement Watch, the percentage of Muslim refugees in America was close to zero in the 1990’s. By the year 2000 it was 44%. Post...
  • Tim Cook received complaints on Apple's bag check policy

    06/11/2015 10:32:51 AM PDT · by for-q-clinton · 18 replies
    CNBC ^ | 11 Jun 2015 | CNBC
    <p>At least two Apple retail store workers complained directly to Chief Executive Tim Cook that the company's policy of checking retail employees' bags as a security precaution was embarrassing and demeaning, according to a court filing made public on Wednesday.</p>
  • Democratic senators urge extra money for convention security

    06/10/2015 7:48:21 PM PDT · by Olog-hai · 16 replies
    Associated Press ^ | Jun 10, 2015 5:57 PM EDT
    Two Democratic senators are urging a Senate panel to help cover security costs at the 2016 presidential nominating conventions, saying extra money is needed to ensure law enforcement have sufficient manpower and equipment. In a letter this week, Sens. Bob Casey of Pennsylvania and Sherrod Brown of Ohio asked the Appropriations Committee for an additional $100 million, to be divided equally between the two conventions. …
  • In rush to correct screwups, Secret Service assigning new officers without security clearances

    06/10/2015 7:31:46 AM PDT · by Sean_Anthony · 10 replies
    Canada Free Press ^ | 06/10/15 | Dan Calabrese
    How badly the Secret Service was being run You’ve got problems. You’ve got a guy jumping the White House fence, running up the steps and actually making it to the stairway that leads to the residence - with a knife on him. That’s a problem. You’ve got a drunk agent crashing into a White House barricade. You’ve got prostitutes in agents’ hotel rooms . . . yeah, you’ve got problems, Secret Service. So you get a new director. OK. You pretty much had to do that. And then you start hiring a bunch of new agents as quickly as you...
  • Democrats push ban on plastic guns

    06/09/2015 8:52:16 PM PDT · by Tolerance Sucks Rocks · 36 replies
    The Washington Times ^ | June 8, 2015 | Jay LeBlanc
    Congressional Democrats are pushing legislation that would ban the production of guns made entirely of plastic, The Hill reported. The Undetectable Firearms Modernization Act, proposed in response to recent airport security lapses, would require firearms to contain enough metal to be detected.
  • Scott Walker hits back at Obama: ‘Guy who called ISIS the JV squad’

    06/08/2015 4:56:45 AM PDT · by Cincinatus' Wife · 21 replies
    Washington Times ^ | June 8, 2015 | David Sherfinski
    ....“I thought it was interesting for the president to say that the guy who called ISIS the JV squad and Yemen a success story somehow suggesting someone else should bone up in foreign policy,” Mr. Walker said on ABC’s “This Week.” ....“My belief is if I’m going to — if I’m even thinking about running for president of the United States, it’s not about preparing for debates, it’s about being prepared to be the president of the United States,” he said...
  • Giuliani, Lew, Lowey, Ashkenazi To Address Jerusalem Post Annual Conference

    06/05/2015 8:45:01 PM PDT · by IsraelBeach
    Israel News Agency ^ | June 5, 2015 | Joel Leyden
    By Joel Leyden Israel News AgencyNew York, NY — June 5, 2015 … US Secretary of the Treasury Jacob J. Lew and Congresswoman Nita Lowey will be among several US and Israeli dignitaries addressing The Jerusalem Post’s fourth Annual Conference. The Conference is scheduled to start on the morning of Sunday, June 7. Israeli and American elected officials, security experts and media analysts will examine the potential Iran nuclear agreement, the future of the US-Israel relationship, and the rise of global anti-Semitism. US Rep. Lowey, the ranking member of the House Appropriations Committee and a veteran Jewish congresswoman, will also...
  • Ex-Nazis got $20.2 million in Social Security

    06/01/2015 5:42:52 AM PDT · by TurboZamboni · 22 replies
    Pioneer Press ^ | 6-1-15 | Richard Lardner, David Rising and Randy Herschaft
    WASHINGTON -- Elfriede Rinkel's past as a Nazi concentration camp guard didn't keep her from collecting nearly $120,000 in U.S. Social Security benefits. Rinkel admitted to being stationed at the Ravensbrueck camp during World War II, where she worked with an attack dog trained by the SS, according to U.S. Justice Department records. She immigrated to California and married a German-born Jew whose parents had been killed in the Holocaust. She agreed to leave the U.S. in 2006 and remains the only woman the Justice Department's Nazi-hunting unit ever initiated deportation proceedings against. Yet after Rinkel departed, the Social Security...
  • Adware makers turn their sights on OS X

    05/29/2015 11:45:36 AM PDT · by Swordmaker · 4 replies
    Betanews ^ | May 29, 2015 | By Ian Barker
    Hot on the heels of news that OS X topped the vulnerabilities charts in April comes Dr. Web's virus activity review for May which shows increasing quantities of adware and unwanted applications targeting the Apple operating system. The company reports several programs aimed at OS X that either install adware, install other applications or inject JavaScript code into webpages. Adware.Mac.InstallCore.1 cannot only install unwanted programs on the user's computer but also change the browser home page and the search engine used by default. The program incorporates debugging functions too -- once launched, it scans the system for the presence of...
  • Police investigate shooting death of local security guard

    05/24/2015 4:39:13 PM PDT · by 2ndDivisionVet · 1 replies
    WSB-TV ^ | May 24, 2015
    (VIDEO-AT-LINK)EAST POINT, Ga. — East Point police are investigating a suspicious death involving a security guard. They said Antonio Spear, 32, of Atlanta was found several hundred feet from where investigators believe he was shot to death. East Point firefighters worked to remove a white Ford Expedition after it crashed into a fence just before 7 a.m. Sunday. “I heard a big bang. It was like a bomb so I was like, ‘What is that?” Ryeesha Zellner said. Zellner told Channel 2’s Jessica Jaglois she was sitting in her car outside her job when she saw the SUV crash and...
  • BOLTON: RELEASED EMAILS PROVE HILLARY RESPONSIBLE FOR MURDER OF AMERICANS IN BENGHAZI

    05/23/2015 1:38:25 PM PDT · by Jim Robinson · 71 replies
    Breitbart ^ | May 23, 2015 | By Pam Key
    Friday at the 2015 Southern Republican Leadership Conference in Oklahoma, former U.S. ambassador to the United Nations under President George W. Bush, John Bolton, said former Secretary of State Hillary Clinton is “responsible for the tragedy of the murder of U.S. Ambassador Christopher Stevens and three other Americans,” in the 2012 terror attack in Benghazi Libya. Bolton said, “I think the most telling information that we have seen in this limited number of emails is that there are repeated examples of Secretary of State Clinton being told in 2011 and 2012 that the security situation of our personnel in Tripoli...
  • Scott Walker On The Dana Show 5-22-15

    05/22/2015 12:56:54 PM PDT · by Cincinatus' Wife · 1 replies
    FM News Talk ^ | May 22, 2015 | Dana
    29:00 [click on picture then click on red dot to listen]
  • Netgear and ZyXEL Confirm NetUSB Flaw

    05/21/2015 10:39:51 PM PDT · by Utilizer · 2 replies
    Computerworld ^ | May 21, 2015 9:42 AM PT | Lucian Constantin
    ... Networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected by a recently disclosed vulnerability in a USB device-sharing service called NetUSB. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year. The vulnerability, tracked as CVE-2015-3036, is located in a Linux kernel module called NetUSB that's commonly used in routers and other embedded devices. The module is developed by a Taiwan-based company called KCodes Technology and allows routers to share USB devices with other computers via the Internet Protocol (IP)....
  • Critical vulnerability in NetUSB driver exposes millions of routers to hacking

    05/20/2015 9:48:26 PM PDT · by Utilizer · 13 replies
    ITworld.com ^ | May 19, 2015 | Lucian Constantin
    Millions of routers and other embedded devices are affected by a serious vulnerability that could allow hackers to compromise them. The vulnerability is located in a service called NetUSB, which lets devices connected over USB to a computer be shared with other machines on a local network or the Internet via IP (Internet Protocol). The shared devices can be printers, webcams, thumb drives, external hard disks and more. NetUSB is implemented in Linux-based embedded systems, such as routers, as a kernel driver. The driver is developed by Taiwan-based KCodes Technology. Once enabled, it opens a server that listens on TCP...
  • Adblock Plus launches Adblock Browser: Firefox for Android with built-in ad blocking

    05/20/2015 8:39:29 PM PDT · by Utilizer · 19 replies
    VB - VentureBeat ^ | May 20, 2015 1:00 AM | Emil Protalinski
    ... Adblock Plus already has a Firefox for Android add-on, though it requires installing two apps and setting them up. The company also has an Android app that blocks in-app ads, but it only works on Wi-Fi connections and has to be sideloaded and hooked up to a proxy. In other words, Adblock Plus isn’t easy to use on mobile. Adblock Browser is supposed to change that. “This is the first time we’ve really gone with a solution that is completely ours,” communications manager Ben Williams told VentureBeat. Adblock Browser wasn’t exactly written from the ground up. The team used...
  • LogJam leaves browsers vulnerable to MiTM attack

    05/20/2015 8:25:10 PM PDT · by Utilizer · 2 replies
    iTnews AUS ^ | May 21, 2015 5:53 AM (AUS) | Doug Drinkwater
    ... Researchers have discovered a new security flaw that could affect tens of thousands of HTTPS websites, mail servers and other services by allowing attackers to downgrade the Transport Layer Security (TLS) connections to 512-bit export-grade cryptography to crack that connection and read any data being transmitted. Dubbed LogJam, researchers from Microsoft, John Hopkins University, University of Michigan, University of Pennsylvania and the Inria Nancy-Grand Est research in France, discovered the flaw some months ago, and have subsequently informed browser makers about the issue, who are currently patching. The research team has published a technical paper (pdf) and built a...
  • Morning Plum: Obama depicts climate change as national security risk

    05/20/2015 10:20:23 AM PDT · by Abiotic · 47 replies
    Washington Post ^ | 5/20/2015 | Greg Sargent
    WASHINGTON — President Obama called out climate change deniers in Congress for being weak on defense, saying it would be "dereliction of duty" for the United States to ignore the national security implications of rising global temperatures. Obama's convocation speech at the U.S. Coast Guard Academy Wednesday was his most forceful argument yet that climate change ranks alongside terrorism as a grave threat to America's future. "I know there are some folks back in Washington who refuse to admit that climate change is real," he told graduating cadets in New London, Conn. "Denying it or refusing to deal with it...
  • Tech giants don’t want Obama to give police access to encrypted phone data

    05/19/2015 3:27:56 PM PDT · by Swordmaker · 54 replies
    The Washington Post ^ | May 19 at 8:34 AM | By Ellen Nakashima
    FBI Director James B. Comey has expressed concern that the growing use of encrypted technologies is hindering the ability of law enforcement agencies to do their jobs. (Andrew Harnik/AP) May 19 at 8:34 AM Tech behemoths including Apple and Google and leading cryptologists are urging President Obama to reject any government proposal that alters the security of smartphones and other communications devices so that law enforcement can view decrypted data. In a letter to be sent Tuesday and obtained by The Washington Post, a coalition of tech firms, security experts and others appeal to the White House to protect privacy...
  • EXCLUSIVE: Hillary hides from reporters with SECOND secret party of the day (95 MPH escape)

    05/19/2015 2:27:10 AM PDT · by Libloather · 67 replies
    Daily Mail ^ | 5/19/15 | David Martosko
    EXCLUSIVE: Hillary hides from reporters with SECOND secret party of the day as her security forces race across Iowa at 95 MPH to dodge pursuing journalists For reporters trying to cover the opening months of Hillary Rodham Clinton's second presidential campaign, Waterloo, Iowa might be her Waterloo. On Monday night the Clinton camp held a private campaign party at the home of a wealthy pharmacist in the central Iowa town – a longtime Democratic Party figure – and Daily Mail Online was the only media outlet to make it to the address. Other press outlets can't be faulted, however: Clinton's...
  • More Java holes found in Google App Engine

    05/18/2015 10:20:07 PM PDT · by Utilizer · 2 replies
    iTnews AUS ^ | May 18, 2015 12:15 PM (AUS) | Juha Saarinen
    Google slow to respond. A Polish security firm has discovered more vulnerabilities in the Java coding platform used on Google's App Engine (GAE) cloud computing service, which could allow users to get access beyond their own virtual machines. The Security Explorations team, which has made a name for itself by unearthing large numbers of security holes in Oracle's Java framework over the past few years, said it had reported seven vulnerabilities to Google, along with proof of concept code. Three of the flaws allow complete bypass of the GAE Java security sandbox. Such a bypass could be used by attackers...
  • Patch Tuesday Alert! Microsoft Security Bulletin Summary for May 2015 - Do It Now

    05/13/2015 6:13:05 AM PDT · by dayglored · 22 replies
    Microsoft Security TechCenter ^ | May 12, 2015 | Microsoft
    Published: May 12, 2015 Version: 1.0 On this page Executive Summaries Exploitability Index Affected Software Detection and Deployment Tools and Guidance Acknowledgments Other Information This bulletin summary lists security bulletins released for May 2015. For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications. Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.
  • Microsoft Edge: Building a safer browser

    05/12/2015 5:50:07 PM PDT · by dayglored · 22 replies
    Microsoft Edge Dev Blog ^ | May 11, 2015 | Microsoft Edge Team
    With Microsoft Edge, we want to fundamentally improve security over existing browsers and enable users to confidently experience the web from Windows. We have designed Microsoft Edge to defend users from increasingly sophisticated and prevalent attacks. This post covers some of the advanced technologies used to protect Microsoft Edge, including industry leading sandboxing, compiler, and memory management techniques developed in close partnership with Windows. Web Security Threats While the web is predominantly a safe environment, some sites are designed to steal money and personal information. Thieves by nature don’t care about rules, and will use any means to take advantage...
  • Lenovo users exposed to "massive security risk"

    05/10/2015 4:02:17 PM PDT · by Utilizer · 6 replies
    iTnews.aus ^ | May 7, 2015 6:41 AM (AUS) | unattributed
    Researchers find more serious flaws. Lenovo has been accused of putting users at "massive security risk" through newly-discovered flaws in its online product update service which allow hackers to download malware onto user systems through a man-in-the-middle (MiTM) attack. The holes were revealed by security firm IOActive, just weeks after Lenovo was found to be shipping PCs with pre-installed ‘Superfish' adware that also left its users open to MITM attacks. In an advisory today, IOActive researchers Michael Milvich and Sofiane Talmat said they had discovered “high-severity” privilege escalation vulnerabilities in Lenovo's system update service, which enables users to download the...
  • Ex-NSA security bod fanboi: Apple Macs are wide open to malware

    05/09/2015 6:10:00 PM PDT · by Enlightened1 · 12 replies
    The Register ^ | 5/8/15 | John Leyden
    'I love Apple products, I just wish they were secure' A former NSA staffer turned security researcher is warning that bypassing typical OS X security tools is trivial. Patrick Wardle, a former NSA staffer and NASA intern who now heads up research at crowd-sourced security intelligence firm Synack, found that Apple's defensive Gatekeeper technology can be bypassed allowing unsigned code to run. Apple's Gatekeeper utility is pre-installed in Mac OS X PCs and used to verify code. The tool is designed so that by default it will only allow signed code to run or, depending on settings, only packages from...
  • ISIS Still Hampering Iraqi Oil Industry Progress

    05/08/2015 3:15:02 PM PDT · by Opintel
    Oilprice.com ^ | 08-05-2015 | refineries
    The U.S. military is helping Iraqi forces pushback ISIS at a vital oil refinery. The Baiji refinery is located between Kirkuk and Mosul, and it has been the target of ISIS militants since the extremist group first made major advances last summer. Baiji is Iraq’s largest oil refinery, and as such, is strategically important to the country for revenues and for domestic fuel supplies. “It actually also sits on a corridor that runs from the Tigris River valley to the Euphrates River valley. And so it's geographically significant as well as significant economically,” the chairman of the U.S. Joint Chiefs...
  • The Trick To Cracking A Master Combo Lock In Eight Tries Or Fewer (Video)

    04/29/2015 5:21:56 PM PDT · by Citizen Zed · 18 replies
    gizmodo ^ | 4-29-2015
    Look, we all know that Master combo locks are not paragons of security. But, damn, this looks easy. In a new video, hacker Samy Kamkar demonstrates a dead simple trick that he claims can break into most Master combo locks in just a few tries. It’s so easy because Kamkar has done all the hard work for you, reverse-engineering the lock to narrow down the possible combinations to just eight. All you have to do is go to input three numbers into Kamkar’s algorithm. Here’s how you get the numbers: 1. While lifting the locked shackle, turn the knob counterclockwise...
  • Crying Baby Gets Family Thrown Off Plane, Deemed Security Risk [Israel]

    04/29/2015 2:16:46 PM PDT · by QT3.14 · 12 replies
    Travel Pulse ^ | April 28, 2015 | Donald Cook
    Traveling with small children can be a stressful situation on its own, but one airline in Tel Aviv, Israel, made the predicament even worse by treating a family poorly before having them removed from the plane due to their crying child. According to Jewish News, husband and wife Ariella and Mark Aziz were scheduled to fly from Tel Aviv to Luton, England, on Dutch airline Transavia when their 19-month-old daughter began crying. The Transavia crew asked the child’s parents to position their daughter on their lap before takeoff and use the connector belt provided by the airline. The plane had...
  • Microsoft Announces Windows 10 Device Guard, a New Feature That Could Kill Malware Forever

    04/22/2015 5:53:04 PM PDT · by SeekAndFind · 52 replies
    Softpedia ^ | 04/22/2015
    Microsoft is making big efforts to increase the security of Windows 10 and turn the new operating system into a fully secure working environment, so several new features will be available in this regard when it comes out. In addition to Microsoft Passport and Windows Hello, both of which were announced a few months ago, Redmond will also introduce a feature called Device Guard that would give organizations full control over the apps that are allowed to be launched on a device running Windows 10. According to Microsoft, the new feature should provide advanced malware protection against new and even...
  • United Airlines Kicks Computer Expert Off Flight For Tweets

    04/19/2015 8:59:46 PM PDT · by QT3.14 · 46 replies
    International Business Times ^ | April 19, 2015 | Eric Markowitz &#61954;
    Chris Roberts, a prominent computer security expert, was aboard a United Airlines flight last week when he tweeted about a potential security flaw he found on the plane’s on-board Wi-Fi. Big mistake. Airline personnel saw the tweet and alerted authorities at Syracuse Hancock International Airport where the flight was scheduled to land. Roberts exited the plane and was quickly detained by the FBI. Roberts, the founder and chief technical officer of the Denver security firm One World Labs, said the agents questioned him, confiscated several of his electronic devices, and then let him go. “Lesson from this evening, don't mention...
  • SECURITY ALERT: What I witnessed today at an Army Reserve Center was deplorable.

    04/18/2015 2:32:54 PM PDT · by don-o · 38 replies
    allenwest.com ^ | April 18, 2015 | Allen West
    snip And so it was when I drove onto the Army Reserve Center at Grand Prairie for a visit yesterday, I was met by a lone unarmed female contract security person who did not even take my ID and match it to my face. She came out of the shack and waved me right onto this military installation. Yes, the Army Reserve Center at Grand Prairie is a military installation. Not only is the Army based there but also a U.S. Marine Reserve artillery unit — and the majority of their equipment is located on this installation. But, as I...
  • Remote Code Execution Via HTTP Request In IIS On Windows

    04/15/2015 7:33:51 PM PDT · by Utilizer · 30 replies
    Mattias website ^ | Wednesday, April 15, 2015 | Mattias Geniar
    A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account. To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system. The update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.
  • Voting machine password hacks as easy as 'abcde', details Virginia state report

    04/15/2015 4:42:21 PM PDT · by afraidfortherepublic · 20 replies
    The Guardian ^ | 4-15-15 | Sam Thielman
    AVS WinVote machines used in three presidential elections in state ‘would get an F-minus’ in security, said computer scientist who pushed for decertification Touchscreen voting machines used in numerous elections between 2002 and 2014 used “abcde” and “admin” as passwords and could easily have been hacked from the parking lot outside the polling place, according to a state report. The AVS WinVote machines, used in three presidential elections in Virginia, “would get an F-minus” in security, according to a computer scientist at tech research group SRI International who had pushed for a formal inquiry by the state of Virginia for...
  • Kaspersky releases tools to decrypt files encrypted with CoinVault Ransomware

    04/14/2015 6:46:32 PM PDT · by Utilizer · 20 replies
    TechWorm ^ | on April 14, 2015 | Abhishek Kumar Jha
    Software security group Kaspesky labs in collaboration with the Dutch police has released a tool which helps to decrypt files locked by Ransomware. Kaspersky Labs has released a decryption tool for files encrypted with CoinVault ransomware. The tool was developed by the Kaspersky lab after the The National High Tech Crime Unit (NHTCU) of the Dutch police handed over the information obtained from a database of CoinVault command-and-control server containing the decryption keys.
  • New Redirect to SMB Flaw in all Windows versions including Windows 10 (shortened)

    04/13/2015 6:45:42 PM PDT · by Utilizer · 17 replies
    TechWorm ^ | on April 13, 2015 | Vijay
    Security researchers at Cylance have discovered a serious vulnerability in all supported versions of Windows that can allow a potential hacker who has control of some portion of a victim’s network traffic to steal users’ credentials for valuable services. Cylance researchers disclosed the vulnerability today on their website in which they said that their study is an extension to a similar research done by Aaron Spangler in 1997.
  • Administration Brushes Off Russian Hackers [semi-satire]

    04/13/2015 9:53:29 AM PDT · by John Semmens · 2 replies
    Semi-News/Semi-Satire ^ | 11 April 2015 | John Semmens
    Evidence that Russian computer hackers penetrated security at the White House and State Department was brushed aside by National Security Council spokesman Mark Stroh. “Since the Administration has no hostile designs on Russia we don’t consider their gaining access to confidential correspondence at the State Department or White House a threat to our security,” Stroh maintained. “In a way, this could be a good thing. They will see that we bear them no ill will. That could open up new avenues for better relations between our two countries.” “It would be far more worrisome if our correspondence had been illicitly...
  • Secret Service Scrambles to Find Four-Year-Old Who Crawled Under White House Fence

    04/13/2015 6:14:08 AM PDT · by yuffy
    Breitbart ^ | 13 Apr 2015 | by William Bigelow
    Hillary’s made it official: She’s now a candidate for president in the 2016 election. Question is, can she win? The former first lady and secretary of state certainly carries lots of baggage as she enters the race, including but not limited to all those missing e-mails. But she isn’t expecting any of those issues to prove fatal. Her big fear — according to the Wall Street Democrats I speak to — is being stuck with (and blamed for) her old boss’ economy. That’s because the economy has never fully recovered from the financial collapse that President Obama faced when he...
  • LG Split Screen Improves Usability and Reduces Security Drastically

    04/12/2015 6:19:30 PM PDT · by Utilizer · 22 replies
    Developer's Couch ^ | April 8, 2015 | Chris
    Life is good (LG) is what you may say out loud when using LG stuff. Unfortunately, today I have to tell you that life is horrible. I recently upgraded to an ultra wide LG screen which comes with split screen software. While I am happy with the hardware, I am utterly disappointed how LG treats security. The TL;DR version is that instead of writing software properly, they just disable UAC upon installation in order to make their software work. I received my monitor some time around last week and quickly installed the software. Nothing special has happened during the setup...
  • Let’s keep all our kids safe (NYC denying security to private school children)

    04/10/2015 12:16:18 PM PDT · by presidio9 · 14 replies
    New York Post ^ | April 9, 2015 | Jake Adler and Vincent LeVien
    All children deserve to be safe at school. Yet it turns out that New York City does not provide kids who attend private schools with the same level of protection as those at public schools. That’s not only unfair, it’s unsafe. And it ought to change. As matters stand, only public schools in the city are eligible for NYPD school-safety agents. Private schools must provide security officers on their own dime. And while child-safety is an issue no decent school would ignore, the fact is many private schools struggle to cover the costs of adequate security — and sometimes the...
  • Firefox disables 'opportunistic encryption' to fix HTTPS bypass bug

    04/09/2015 10:42:18 AM PDT · by Utilizer · 2 replies
    iTnews AUS ^ | Apr 8, 2015 9:13 AM (AUS) | Allie Coyne
    Attackers could use fake certificate to get around protections. Mozilla has disabled an "opportunistic encryption" feature added to its Firefox browser last week, in order to fix a critical security flaw that allowed attackers to bypass HTTPS protections. The company last week released Firefox 37, which came with a new feature allowing connections to be encrypted even if a server didn't support HTTPS. This so-called "opportunistic encryption" acted as a bridge between plaintext HTTP and HTTPS connections based on either transport layer security (TLS) or the older secure sockets layer protocol. It allowed website owners who are unable to fully...
  • RadioShack to auction off customer data, violating own privacy policy

    03/27/2015 9:44:35 AM PDT · by HonkyTonkMan · 22 replies
    NakedSecurity ^ | 26 March, 2015 | Lee Munson
    Retail chain RadioShack is looking to cash in the information it holds on its customers as part of its bankruptcy sale. According to Hilco Streambank, personal data including over 65 million customers' names and physical addresses, as well as 13 million email addresses, has been made available to the highest bidder. All this despite the fact that the company's online privacy policy quite clearly states: We will not sell or rent your personally identifiable information to anyone at any time. We will not use any personal information beyond what is necessary to assist us in delivering to you the services...
  • Passphrases That You Can Memorize — But That Even the NSA Can’t Guess

    03/27/2015 9:21:39 AM PDT · by Utilizer · 37 replies
    THE // INTERCEPT ^ | 03/26/2015 9:29 AM | Micah Lee
    It’s getting easier to secure your digital privacy. iPhones now encrypt a great deal of personal information; hard drives on Mac and Windows 8.1 computers are now automatically locked down; even Facebook, which made a fortune on open sharing, is providing end-to-end encryption in the chat tool WhatsApp. But none of this technology offers as much protection as you may think if you don’t know how to come up with a good passphrase. A passphrase is like a password, but longer and more secure. In essence, it’s an encryption key that you memorize. Once you start caring more deeply about...
  • BitWhisper turns up heat on air-gap security

    03/24/2015 9:46:52 AM PDT · by Patriot777 · 4 replies
    © 2015 Tech Xplore, Phys.org ^ | March 24, 2015 - 5 hrs ago | Nancy Owano
    Ben Gurion University reported Monday that researcher Mordechai Guri, assisted by Matan Munitz and guided by Prof. Yuval Elovici, uncovered a way to breach air-gapped systems—that's quite something considering that air-gapped systems, said the Daily Mail, are among the most secure computers on the planet, used in high security settings such as classified military networks, payment networks processing credit and debit card transactions for retailers, and industrial control systems for critical infrastructure. The research initiative was given the name BitWhisper, part of research on the topic of air-gap security at the Cyber Security Research Center at Ben-Gurion University. Dudu Mimran,...