A bold new type of malware has been identified. Its attack vector is based on hijacking the DNS settings for devices on a local area network. Any device regardless of operating system that depends on an internal or external name server can be affected. The trojan...
Techworld reports the following: The world's six largest computer drive makers have published the final specifications for a single, full-disk encryption standard that can be used across all hard disk drives, solid state drives (SSD) and encryption key management applications. Read the full article at Techworld....
Technical problems with the license management servers at SonicWall Inc. created havoc last week for users of the company's firewall and e-mail security products, leaving many companies temporarily unprotected against spam, phishing and malware threats. The problems resulted in affected enterprise users of the SonicWALL UTM...
Triggerfish, also known as cell-site simulators or digital analyzers, are nothing new: the technology was used in the 1990s to hunt down renowned hacker Kevin Mitnick. By posing as a cell tower, triggerfish trick nearby cell phones into transmitting their serial numbers, phone numbers, and...
Early coverage of the Wi-Fi WPA TKIP Key crack indicated that TKIP keys were broken, but ars technica clears up the details of the attack: They are not. "We only have a single keystream; we do not recover the keys used for encryption in generating the...
Via Slashdot: Researchers Erik Tews and Martin Beck 'have just opened the box on a whole new hacker playground, says Dragos Ruiu, organizer of the PacSec conference. At the conference, Tews will show how he was able to partially crack WPA encryption in order to read...
Elcom announced that the newest version of their Distributed Password Recovery software can now brute force certain password / encryption schemes faster by using the massive parallelism of graphics processing units that support CUDA. With the correct combination of off the shelf components available from...
A national cyber-security strategy that will seek to protect key infrastructure as well as Canadians' identities is on the way , an RCMP executive says. Details of the strategy — a partnership between the public and private sectors — will emerge over the next few months,...
In an important milestone for open source, a draft defense authorizing act in Congress includes wording plugging open source software. Both cost and software security appears to be considerations. "It's rare to see a concept as technical as open-source software in a federal funding bill. But...
Via Wired: Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency. The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let...