Featured Slideshow

http://regmedia.co.uk/2015/03/02/hackers_bluray.jpg?x=648&y=429&crop=1

Hackers can raid networks with burnt Blu-Rays

Monday, March 2, 2015

Posted by l33tdawg

Security

0 comment(s)

British hacker Stephen Tomkinson has found two Blu-Ray-borne attacks.His first exploit relies on a poor Java implementation in a product called PowerDVD from CyberLink. PowerDVD plays DVDs on PCs and... read more

http://regmedia.co.uk/2015/02/23/ban_hammer.jpg?x=648&y=429&crop=1

Twitter triples abuse team, knocks dox

Monday, March 2, 2015

Posted by l33tdawg

Industry News, Twitter

0 comment(s)

Twitter has tripled the size of its abuse support team after the number of reports it handled increased five-fold in six months thanks to an expansion of harassment controls.The company did not... read more

http://www.neowin.net/images/uploaded/2015/03/img_0286_story.jpg

Hands on with Samsung's Galaxy S6 and S6 Edge

Monday, March 2, 2015

Posted by l33tdawg

Hardware, Samsung

0 comment(s)

When we reviewed the Samsung Galaxy S5 last year, the handset made a surprisingly good impression, thanks to its blazing performance, outstanding battery life, and a stunning Super AMOLED screen. We... read more

http://www.androidcentral.com/sites/androidcentral.com/files/styles/larger_wm_brw/public/article_images/2015/03/zte-grand-s3-eye.jpg?itok=bEHSE-2H

ZTE Grand S3 can be unlocked with eye-based biometric solution

Monday, March 2, 2015

Posted by l33tdawg

Security

0 comment(s)

Today at MWC 2015, we played with the ZTE Grand S3. ZTE's new flagship device lets users unlock their phones by looking at the front-facing camera. The cutting edge solution, called Eyeprint ID,... read more

https://www.pentestpartners.com/content/uploads/2015/02/SamsungTVPlaintext.jpg

Samsung's Smart TV Data Encryption Claims Proven False

Monday, March 2, 2015

Posted by l33tdawg

Encryption, Samsung

0 comment(s)

After our recent discovery that our Samsung TV was sending voice recognition data over the internet unencrypted, they sent the following response:“Samsung takes consumer privacy very seriously and... read more

SSL

Meaner POODLE bug that bypasses TLS crypto bites 10 percent of websites

Submitted by l33tdawg on Tue, 2014-12-09 00:04

http://cdn.arstechnica.net/wp-content/uploads/2014/12/mean-poodle.jpg

Some of the world's leading websites—including those owned or operated by Bank of America, VMware, the US Department of Veteran's Affairs, and business consultancy Accenture—are vulnerable to simple attacks that bypass the transport layer security encryption designed to thwart eavesdroppers and spoofers.

Tags:

Security

SSL

German Spy Agency Wants To Buy Zero-Day Vulnerabilities In Order To Undermine SSL Security

Submitted by l33tdawg on Thu, 2014-11-13 23:54

The newspaper Süddeutsche Zeitung reports that the German spy agency BND will spend €28 million on what it calls its 'Strategic Technical Initiative' (SIT) next year, and that it has asked the German government for a further €300 million (original in German). The German edition of the English-language site "The Local" explains how the money will be used:

The aim of the programme is to penetrate foreign social networks and create an early warning system for cyber attacks.

Tags:

Microsoft releases anti-POODLE Fix It

Submitted by l33tdawg on Thu, 2014-10-30 00:04

Microsoft has released a Fix It to disable the feature which was the subject of the POODLE attack. The Fix It, a program which implements changes in the registry, makes the process simpler than the alternatives.

POODLE is the name given to a vulnerability in SSL version 3.0 found earlier this month by a Google researcher. SSL was supplanted by TLS and the current version is 1.2, but systems may fall back to older versions if the server does not support the newer ones.

Tags:

Microsoft

SSL

POODLE

Read more about Microsoft releases anti-POODLE Fix It
3980 reads

OpenSSL warns vendors against using vulnerability info for marketing

Submitted by l33tdawg on Tue, 2014-09-09 01:15

Security advisories for OpenSSL should not be used for competitive advantage, according to the development project behind the widely used cryptography component.

The warning comes from the OpenSSL Project, which has published for the first time guidelines for how it internally handles security problems, part of an ongoing effort to strengthen the project following the Heartbleed security scare in April.

Tags:

SSL

Security

Industry News

OpenSSL fork LibreSSL is declared "unsafe for Linux"

Submitted by l33tdawg on Wed, 2014-07-16 00:36

http://cdn.arstechnica.net/wp-content/uploads/2014/07/7512877940_2720e3be12_z.jpg

The first "preview" release of OpenSSL alternative LibreSSL is out, and already a researcher says he has found a "catastrophic failure" in the version for Linux.

Tags:

SSL

Security

Linux

Read more about OpenSSL fork LibreSSL is declared "unsafe for Linux"
3948 reads

Contact Us

Hack In The Box

36th Floor, Menara Maxis,
Kuala Lumpur City Centre
50088 Kuala Lumpur
Malaysia

Tel: +603-2615-7299
Fax: +603-2615-0088

Link Exchange

Security Central Forum
Dailyrotation
Astalavista
Go Hacking
XSSed.com
madirish.net
SecurityXploded

Featured Slideshow

Hackers can raid networks with burnt Blu-Rays

Twitter triples abuse team, knocks dox

Hands on with Samsung's Galaxy S6 and S6 Edge

ZTE Grand S3 can be unlocked with eye-based biometric solution

Samsung's Smart TV Data Encryption Claims Proven False

SSL

Meaner POODLE bug that bypasses TLS crypto bites 10 percent of websites

German Spy Agency Wants To Buy Zero-Day Vulnerabilities In Order To Undermine SSL Security

Microsoft releases anti-POODLE Fix It

OpenSSL warns vendors against using vulnerability info for marketing

OpenSSL fork LibreSSL is declared "unsafe for Linux"

Pages

Monday, March 2nd

Friday, February 27th

Thursday, February 26th

Wednesday, February 25th

Tuesday, February 24th

Contact Us

Recent comments

Link Exchange

You are here

SSL

Pages