HITBSecNews | Keeping Knowledge Free for Over a Decade

http://core2.staticworld.net/images/article/2015/02/snadbox-jail-100569373-large.jpg

Fully sandboxed, cross-distro Linux apps are almost here

Monday, February 23, 2015

Posted by l33tdawg

0 comment(s)

Right now, you get most of your Linux software from your distribution’s software repositories. Those applications have to be packaged specifically for your Linux distribution, and you have to trust... read more

http://blog.zimperium.com/telegram-hack/

Telegram Has Unencrypted Copies of Secret Chat Messages

Tuesday, February 24, 2015

Posted by l33tdawg

Encryption, Industry News, Security, Telegram, Zimperium

0 comment(s)

Telegram users should be aware the messaging app's "Secret Chats" may not be so secret after all.Zuk Avraham, founder and CTO of mobile security company Zimperium, created private messages using... read more

Gemalto presents findings into the alleged hacking of SIM card encryption keys

Wednesday, February 25, 2015

Posted by l33tdawg

Gemalto, Industry News, Security

0 comment(s)

Following the release of a report by a news website on February 19, 2015, Gemalto (Euronext NL0000400653 GTO), has conducted a thorough investigation, based in particular on two elements: the... read more

http://www.wired.com/wp-content/uploads/2015/02/495716995-crop-660x405.jpg

How the NSA’s Firmware Hacking Works and Why It’s So Unsettling

Monday, February 23, 2015

Posted by l33tdawg

NSA, Privacy, Security

0 comment(s)

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer’s firmware with malicious code. The... read more

http://regmedia.co.uk/2015/02/24/scary_skeleton_samba.jpg?x=648&y=429&crop=1

Scary remote execution vuln spotted in SAMBA

Tuesday, February 24, 2015

Posted by l33tdawg

Security

0 comment(s)

Linux admins were sent scrambling to patch their boxes on Monday after a critical vulnerability was revealed in Samba, the open source Linux-and-Windows-compatibility software.The bug, which has been... read more

Silent Circle targets enterprise users with 'world first' privacy ecosystem

Submitted by l33tdawg on Fri, 2015-02-27 10:32

http://zdnet1.cbsistatic.com/hub/i/r/2015/02/27/4fd3cc14-d7ed-4bae-babc-caf4c2038bfb/resize/370x370/fd154672ce04a53bad81409b0a7b27a6/screen-shot-2015-02-27-at-08-48-34.png

Encrypted communications provider Silent Circle has raised approximately $50 million in a funding round aimed at pushing the company forward in the enterprise market.

Announced on Thursday, Silent Circle said "strong demand" from enterprise customers seeking to keep communication private through the Blackphone product range led the firm to launch a private, common equity round in order to grow and cater for new clients.

Tags:

Silent Circle

Security

OPSEC For Activists, Because Encryption Is No Guarantee

Submitted by l33tdawg on Fri, 2015-02-27 10:30

https://www.flickr.com/photos/kyree/301712671/

“None of the claims of what comsec works is to be taken saltless: Tor, OTR, ZTRP are lures.” —Cryptome [3], Dec. 30, 2014

Tags:

Encryption

Security

For one week, employees at this cyber security company get to play the bad guys

Submitted by l33tdawg on Fri, 2015-02-27 09:52

https://static-ssl.businessinsider.com/image/54ef6aa4eab8ea7e3e86bcc7-1200-900/symantec-cyberwar-games.jpg

For most of the year, employees of leading cyber-security firm Symantec work toward securing and managing their customers’ information.

This week, they took a break from that. They got to be the bad guys.

Four years ago, Symantec launched its annual CyberWar Games, an internal event that challenges employees to walk in the shoes of an attacker. The Games simulates an information security breach modeled after a high profile incident reported in the media, and employees experience the attack from start to finish as the malicious party.

Tags:

Security

Symantec

D-Link remote access vulnerabilities remain unpatched

Submitted by l33tdawg on Fri, 2015-02-27 09:50

D-Link routers have several unpatched vulnerabilities, the worst of which could allow an attacker to gain total control over a device, according to a systems engineer in Canada.

Peter Adkins, who does security research in his free time, released details of the flaws on Thursday. Adkins said in a phone interview that he has been in intermittent contact with D-Link since Jan. 11 on the issues, but the company has not indicated when it might patch.

Tags:

Security

CloudFlare crypto gets faster on old mobes

Submitted by l33tdawg on Fri, 2015-02-27 09:48

http://regmedia.co.uk/2014/10/28/keys_encryption_cryptography_crypto.png?x=648&y=429&crop=1

Popular denial of service deflection platform CloudFlare is deploying new speedy cipher suites previously championed by Google, maths boffin Nick Sullivan says.

The ChaCha-Poly1305 cipher is three times faster than the resource heavy AES-128-GCM cipher and was not subject to attacks against RC4, Sullivan (@grittygrease) says, meaning things will speed on CloudFlare for mobes.

Tags:

Encryption

Read more about CloudFlare crypto gets faster on old mobes
348 reads

Fully sandboxed, cross-distro Linux apps are almost here

Telegram Has Unencrypted Copies of Secret Chat Messages

Gemalto presents findings into the alleged hacking of SIM card encryption keys

How the NSA’s Firmware Hacking Works and Why It’s So Unsettling

Scary remote execution vuln spotted in SAMBA

Silent Circle targets enterprise users with 'world first' privacy ecosystem

OPSEC For Activists, Because Encryption Is No Guarantee

For one week, employees at this cyber security company get to play the bad guys

D-Link remote access vulnerabilities remain unpatched

CloudFlare crypto gets faster on old mobes

Thursday, February 26th

Wednesday, February 25th

Tuesday, February 24th

Monday, February 23rd

Contact Us

Recent comments

Link Exchange

You are here