An unredacted version of a database said to be stolen from Adult Friend Finder is being offered for sale for 70 bitcoins, or around $17,000.
ROR[RG], the nickname of the person who claims to have breached the large online hookup site, wrote on Saturday in an underground forum that "I have had so many people ask me to buy the db today."
As companies continue to beat the Internet of Things drum, promoting a world where every device is smart and anything electronic is network connected, we have some news that shows just what a horrible idea this really is. A security firm has found that a Linux kernel driver called NetUSB contains an amateurish error that can be exploited by hackers to remotely compromise any device running the driver. The driver is commonly found in home routers, and while some routers offer the ability to disable it, others do not appear to do so.
Security is an applied science. Security properties and secure design are only valid in the context of a particular application or environment. Similarly, hacking techniques and tools are only useful for exploiting specific types of vulnerabilities.
"A lot of what we're talking about tonight isn't 'Here's how to make yourself totally secure and defeat the NSA, and you'll never get spied on.' It's about 'If you do these things, and if we all do these things, [surveillance will] become more expensive, and more hassle'," said Tom Sulston over a cup of tea late Friday afternoon.
I'll be honest with you. LinkedIn scares me.
For any criminal interested in targeting senior staff in an organisation, it's a goldmine of information.
Apple released on Tuesday its first update for Watch OS, the iOS-based operating system that runs on the Apple Watch.
Watch OS 1.0.1 patches a total of 13 vulnerabilities affecting components such as the kernel, Secure Transport, FontParser, the Foundation framework, IOHIDFamily, and IOAcceleratorFamily.
The FontParser issue exists due to the way font files are processed. An attacker can exploit this vulnerability (CVE-2015-1093) to execute arbitrary code by getting a user to process a maliciously crafted font.
A security researcher said he found a way to game Starbucks gift cards to generate unlimited amounts of money on them. Both he and the coffee chain are grumbling after he used a fraudulent card to make a purchase, then repaid the amount and reported the vulnerability.
Web-browser makers are preparing a fix for a flaw in an encryption algorithm that makes it possible to spy on supposedly secure communications.
However, the updates will mean a minority of websites will be blocked by the new software.
The "LogJam attack" was discovered by researchers at Microsoft and a number of US and French universities. They believe about 8% of the top one million HTTPS security-protected sites are made vulnerable by the flaw.
Working directly with hardware is hard. Each project brings with it mundane questions of which compiler to use, what communications protocols to work with, and how to load code. Developers also need to figure out how to debug the live system without affecting the program being executed.
In the past this has required expensive and proprietary software, but thanks to commodity hardware and projects such as OpenOCD, developing programs that run directly on embedded hardware is easier than ever before.
Convicted Silk Road founder Ross Ulbricht and no fewer than 97 of his friends and family members have written to a judge just days prior to sentencing, asking her to impose the most lenient sentence possible. (Ars has posted the letters online along with the court filing of photos of Ulbricht and many family and friends.)
Under federal mandatory minimum sentencing guidelines, Ulbricht faces at least 20 years in prison and possibly as long as life behind bars.