A team from universities in the US, Netherlands, Switzerland and Germany have published research demonstrating that subtle changes below the gate level of chips can alter functionality in a controlled but covert manner.
Mobile Pwn2Own to Pay $300K for iPhone and Android Zero-day Exploits
Itching to jailbreak Apple’s iOS 7? Ready to root a Samsung KNOX phone? Frothing at the mouth to show vulnerabilities in the iPhone 5S fingerprint reader? And get paid for it? Well if so, you’re in luck: HP’s Zero Day Initiative (ZDI) has announced the…
Solving the TPM Uptake Challenge
Trusted platform modules (TPM) have been around for more than 10 years, but adoption of them by users has been slow going. Led by Infosecurity magazine’s Drew Amorosi, a panel of industry experts came together at the Trusted Computing Conference in Orl…
OSINT: You Don’t Need to Work for the NSA or GCHQ to Spy on People
While the world has been hearing about the surveillance techniques of the spy agencies in the US and UK, the capabilities available to anyone through Open Source Intelligence (OSINT) products have been quietly expanding.
Symantec to Revoke SSL Certificates Starting Oct. 1
The deadline for abandoning SSL certificates with less than 2048-bit keys is approaching, and as of Dec. 31 of this year will be revoked. At least one vendor is setting an earlier deadline: for Symantec, it’s Oct. 1.
Belgacom Hacked; NSA Involvement Suspected
Coinciding with a report in De Standaard, Belgian telecoms firm Belgacom issued a statement yesterday saying it had successfully cleansed its internal network of “an unknown virus in a number of units in our internal IT-system.”
(ISC)² Dishes Out Latest Scholarships to Combat IT Security Workforce Lag
The (ISC)² Foundation has announced the recipients of its 2013 information security scholarships.
Medical ID Fraud Costs Consumers $12bn in Out-of-Pocket Costs
With all of the debate in the US about Medicare and health insurance changes, it’s easy to overlook one big national healthcare issue that has life-threatening and hefty financial consequences: medical identity theft.
Cyber-Gang Attempts Santander Bank Heist with $20 Device
The term “bank heist” may conjure up an Ocean’s 11-style strike involving laser alarms and perhaps even a contortionist or two, but the everyday reality is much more mundane. Take, for instance, the alleged plot by 12 men to steal millions from a branc…
NSA Shown to Operate a MITM Hack in Brazil
In case any doubts remain, new Snowden revelations first published in Brazil, show that the NSA engages in economic espionage, uses mainstream hacking techniques, and spies on diplomats and the banking system.