The opportunity to change from Facebook blue to a different color is not a new scam, but there’s a new one doing the rounds right now: “I Totally Just Added The Brand New Facebook Black.”
Carna botnet – an interesting, amoral and illegal internet census
It started from a joke – we should try root:root to log on to random IP addresses. But it evolved from that into a botnet of port scanners able to port scan the entire IPv4 internet in very short order: a complete IPv4 internet census.
NATO lays out cyber-war rules of engagement
A new handbook created for NATO has set out 95 black-letter rules of cyber warfare that, among other recommendations, state that governments should refrain from launching attacks on civilians, hospitals, nuclear power stations, dams and dykes.
Pinkie Pie slices out $40K reward at Google Pwnium 3 hacking contest
Earlier this month at the CanSecWest security conference, Google’s Chrome team took part in the Pwn2Own hacking contest and hosted its own, the third iteration of its Pwnium competition. While there weren’t any “winning” entries at Pwnium – i.e., no fu…
Sophisticated Rating System for Cyber Attacks Proposed
It has long been suggested that ‘advanced’ is a misnomer in the majority of APTs; and that ‘sophisticated’ has lost its meaning. Is it time for an objective attack rating to eliminate emotive, subjective and misleading threat terminology?
Still NotCompatible: Android trojan takes fresh tack with spear-phishing
An old Android malware threat is targeting mobile devices in a new way: the NotCompatible mobile trojan is now using email spam to dupe people into clicking an initiating link.
Has HTTPS been broken?
In practical terms for the average user, probably not yet; but in the absolute terms of crypto-theory, probably yes – again. The difference is that security professionals measure security in the relative terms of risk analysis, while cryptographers tak…
Removing administrator rights is no solution against drive-by attacks
When Windows 7 was released, Gartner recommended that migration from XP be used as a catalyst for removing administrator rights from as many users as possible, which it said is ‘the single most important way to improve endpoint security.’
Kali Linux Release Aftermath
Five days into the Kali Linux release at BlackHat EU in Amsterdam, and we’re still not fully recovered. Since the release, we’ve had just over 90,000 downloads, a dozen or so package updates, added more articles to the Kali Documentation, s…
Credit reporting one key to celebrity doxxing affair
In the wake of the high-profile celebrity and politician doxxing campaign last week, in which private information about dozens of celebs from Michelle Obama to Kim Kardashian was posted online, more information about the provenance of the information h…