August 30, 2011
"To stop jailbreaking, Apple is constantly releasing updates to its iOS software to plug security holes and make jailbreaking impossible. Meanwhile, jailbreakers are always poring over Apple’s software to find new ways of breaking down Apple’s best defenses. But now it appears that despite their constant conflict, Apple has crossed the battle lines and offered a job – temporary though it may be – to a well-known jailbreaker."
Read more:
appolicious
"The state-run China Central Television network has yanked a video that inadvertently included a short clip of a cyber-attack tool targeting Falun Gong websites."
Read more:
computerworld
August 06, 2011
"Ormandy said his analysis found that Sophos software uses weak or outdated cryptography in the way it builds and matches virus signatures, relies on obfuscation for security too often, and fails to comprehend certain exploitation techniques, among other problems."
Source:
searchsecurity
"Two security researchers Wednesday unveiled a remote controlled, unmanned aerial vehicle (UAV) that is capable of cracking Wi-Fi passwords, exploiting weak wireless access points and mimicking a GSM tower to intercept cell phone conversations."
Source:
computerworld
"Why blow it up? Why was that the goal?
I approach it like, what can people do to me, right? So I don't want to wake up one day and have my computer blow up. I want to be the one looking at that -- not the bad guys."
Source:
CNN
"It's not just a hypothetical fear. Ivan Eugene Kaspersky, who owns one of the world's leading anti-virus security labs, had his son Ivan snatched off the streets of Moscow earlier this year. Whether there was a revenge motivation, in addition to the ransom, is still unclear. But the fact remains that anti-virus guys are now effectively standing between the mob and big piles of money. Which is never a very safe place to be.
And if that wasn't bad enough, now there's a new, potentially deadlier, source of viruses: governments."
Source:
gizmodo
August 05, 2011
"Microsoft's "BlueHat Prize," announced by the company at the Black Hat security conference in Las Vegas Wednesday, offers a grand prize of $200,000, a runner-up purse of $50,000, and a third-place award of a one-year subscription to MSDN Universal--a developer's platform for Microsoft products--worth $10,000--to security researchers who design the most effective ways to prevent the use of memory safety vulnerabilities. Those kinds of vulnerabilities can create problems like buffer overflows that can be exploited by Net miscreants to compromise computers."
Source:
pcworld
"“Today it's cyber warriors that we're looking for, not rocket scientists,” said Richard “Dickie” George, technical director of the NSA's Information Assurance Directorate, the agency's cyber-defence side.
“That's the race that we're in today. And we need the best and brightest to be ready to take on this cyber warrior status,” he told Reuters in an interview.
The NSA is hiring about 1,500 people in the fiscal year which ends Sept. 30 and another 1,500 next year, most of them cyber experts. With a workforce of just over 30,000, the Fort Meade, Maryland-based NSA dwarfs other intelligence agencies, including the CIA."
Source:
iol.co.za
"1. The Rustock Botnet Takedown
2. Pulp Google Hacking: The Next Generation Search Engine Hacking Arsenal
3. Aerial Cyber Apocalypse: If we can do it... they can too
4. Hacking Androids for Profit
5. Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers
6. Lives On The Line: Defending Crisis Maps in Libya, Sudan, and Pakistan "
Source:
computerworld
August 04, 2011
"An investigation of targeted intrusions into 70+ global companies, governments and non-profit organizations during the last 5 years."
Source:
mcafee
"Though it is unclear what has been done with "petabytes" of information, Alperovitch says the classified data includes "closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics" and more."
Source:
thewhir
"The chief of the CIA's counterterrorism group during 9/11 told the crowd of thousands that the traditional top three terrorist threats -- chemical, bacteriological, radiological -- have shifted to kinetic (troops and weapons), bacteriological and cyber."
Source:
networkworld
" "My initial reaction was that this was really cool from a technical perspective," Radcliffe said. "The second reaction was one of maybe sheer terror, to know that there's no security around the devices which are a very active part of keeping me alive." "
Source:
ibnlive.in
"There are dozens of underground forums where members advertise their ability to execute debilitating “distributed denial-of-service” or DDoS attacks for a price. DDoS attack services tend to charge the same prices, and the average rate for taking a Web site offline is surprisingly affordable: about $5 to $10 per hour; $40 to $50 per day; $350-$400 a week; and upwards of $1,200 per month."
Source:
krebsonsecurity
"ENISA looked at 13 specifications within HTML5 and found 51 security issues. Some of the issues can be fixed by tweaking the specifications, while others are more risks based on the features that users should be alerted to, Hogben said. One of the features that concerns ENISA in the paper is termed "form tampering." "
Source:
computerworld