157 matches found
German Industrial Giant Victim of Cyber Espionage
German industrial conglomerate ThyssenKrupp disclosed last week that technical trade secrets were stolen in a cyberattack that dates back to February. Adversaries, ThyssenKrupp said, engaged in “organized, highly professional hacker activities” and launched their attack from the Southeast Asian...
FTC Panel Encourages Basic Security Hygiene to Counter Ransomware
When asked to describe what it’s like to deal with the constantly looming threat of ransomware, Chad Wilson, the Director of Information Security at Children’s National Medical Center in Washington D.C., didn’t beat around the bush. “I’ll sum it up in one word: It’s scary,” Wilson said at a Feder...
Timing of Browser-Based Security Alerts Could Be Better
Multitasking may be the way of the connected world, but as it turns out, it’s not conducive to secure behavior online. Academics from Brigham Young University and the University of Pittsburgh came to that conclusion after using functional magnetic resonance imaging fMRI to study how the brain...
Microsoft is Auto-Downloading Windows 10 to PCs, Even If You Don't Want it
Microsoft wholeheartedly wants you to upgrade to Windows 10. So much that even if you have not opted-in for Windows 10 upgrade, you will get it the other way. Surprised? If you have Windows Update enabled on your PCs running Windows 7 or Windows 8.1, you’ll notice a large file — between 3.5GB and...
Reminder! If You Haven't yet, Turn Off Windows 10 Keylogger Now
Do you know? Microsoft has the power to track every single word you type or say to its digital assistant Cortana while using its newest operating system, Windows 10. Last fall, we reported about a 'keylogger' that Microsoft openly put into its Windows 10 Technical Preview saying the company 'may...
Smartphone Owners Lack Motivation to Adequately Lock Devices
A quarter of smartphone owners don’t lock their devices because they don’t believe they have any data worth protecting. Even more refrain from doing it because they feel like it’s too much of a hassle. That’s at least according to a new study carried out by six researchers, four from the Universi...
Research Project Pays People to Infect their Machines
It’s been well documented that people will give up their computer passwords for a piece of chocolate. But what would they be willing to give up for a dollar—or even a penny? Plenty as it turns out. Incentivized by a minimal amount of cash, computer users who took part in a study conducted by...
Vulnerability of small summary: the browser in those strange logic-vulnerability warning-the black bar safety net
0x00 introduction As early as a few years ago to see a book the dig 0day act, which introduced a sogou browser vulnerabilities-the forge website, although after a lapse of four years, sogou still made the same mistake, but at that time I only know that there is this treatment, but suffer from on...
Windows 8 Picture Gesture Authentication Research
Typing on a smartphone or tablet keyboard lends itself to a lot of fat-fingered mistakes. Recent updates to mobile operating systems and desktop OSes such as Windows 8, however, have tried to better leverage the touch screen for things such as authentication. Users, for example, have the option o...
Password Strength Testers Work for Important Accounts
Many popular online services have started to deploy password strength meters, visual gauges that are often color-coded and indicate whether the password you’ve chosen is weak or strong based on the website’s policy. The effectiveness of these meters in influencing users to choose stronger passwor...
Creative Ideas for Replacing Passwords
Passwords have been the de facto manner of providing security for IT systems. Theyve got a bad reputation, but its not the passwords themselves that deserve the reputation - its the individuals using them and the weak standards to which these passwords are managed. In fact, a password system...
How Facebook Ticker exposing your information and behavior without your knowledge
How Facebook Ticker exposing your information and behavior without your knowledge Nelson Novaes Neto , a Brazilian independent Security and Behavior Research have analyze a privacy issue in FacebookTicker that allows any person chasing you without your knowledge or consent . He explain that this ...
SAUSAGE Con Delves into IT Security's 'Human Problem'
‘Why is security so hard?’ That’s the question that a new conference focused on “useable security” will attempt to answer by bringing together experts on security, software development and human-computer interaction. DEK: ‘Why is security so hard?’ That’s the question that a new conference will...
Apple Safari for Windows and Internet Explorer Combined Code Execution (CVE-2008-2540)
Microsoft Internet Explorer is the most widely used Internet browser. Safari is a web browsing application developed by Apple. A combination of the default download location in Safari and how the Windows desktop handles executables creates a blended threat in which files may be downloaded to a...
Didier Stevens on PDF Hacking and Security
Dennis Fisher talks with Didier Stevens, the security researcher who developed the innovative method for using the /launch command in PDF readers to execute code on remote machines. Stevens discusses the ramifications of the discovery, the security of PDFs in general and the user behavior that...
Yahoo! Messenger File Transfer Filename Spoofing (CVE-2005-0243)
Yahoo Messenger is a service providing instant messages, similar to MSN Messenger and ICQ. Yahoo! Messenger allows users to see when their friends come online, send instant messages, join chat rooms, and exchange files. There exists a vulnerability in the way Yahoo! Messenger displays file names ...
5 security flubs users make while Web surfing
From CIO Joan Goodchild You can install the best firewalls, patch religiously, and make sure your anti-virus software is always up-to-date, but there is one online risk factor you can never control: the user. Whether they are downloading dangerous content or falling prey to phishing scams, the en...