“None of the claims of what comsec works is to be taken saltless: Tor, OTR, ZTRP are lures.” —Cryptome [3], Dec. 30, 2014In the aftermath of Edward Snowden's disclosures, the... read more
Anthem Refuses US Gov Security Audit
Submitted by l33tdawg on Fri, 2015-03-06 02:02
Insurance provider Anthem has reportedly refused to let the US Office of Personnel Management’s Office of Inspector General (OIG) perform a full security audit of its systems, in the wake of a massive data breach that potentially affected 70 million Americans.
According to an anonymous spokesperson, the company first refused to allow the agency to perform "standard vulnerability scans and configuration compliance tests" both last summer and in 2013—so the refusals aren’t directly linked to the breach.
Telstra customers gain access to own metadata from next month
Submitted by l33tdawg on Fri, 2015-03-06 01:59
From April 1, Telstra customers will be able to access metadata that the telco is keeping on them for a fee that is expected to begin at AU$25.
"We believe that if the police can ask for information relating to you, you should be able to as well," Telstra said in its announcement.
Students looking to make £2,500? GCHQ has the cyber summer school for you
Submitted by l33tdawg on Fri, 2015-03-06 01:55
GCHQ has announced a ten-week ‘cyber insiders summer school’ for aspiring white hat hackers, the latest attempt by the Government security organisation to uncover the next generation of British cyber-talent.
Due to be held between 6 July and 11 September in GCHQ’s home town of Cheltenham, the ten-week course will be open to any student in year one or two of a University computer science course with the incentive of being paid £2,500 ($3,800) to attend. GCHQ will also cover the cost of accommodation in the town and hand candidates completing the course a CV-boosting certificate.
Private Email Server Made Hillary Clinton Vulnerable To Hackers, But The State Dept Isn't Much Safer
Submitted by l33tdawg on Fri, 2015-03-06 01:53
By using private email, Hillary Clinton put her data at risk every time she clicked on a link or downloaded an attachment as secretary of state. But the American public, and even Clinton herself, will probably never know if hackers were able to monitor her communication from 2009 to 2013, the four years she served as the most powerful U.S. diplomat.
D-Link Pushes Firmware Updates for Vulnerable Routers
Submitted by l33tdawg on Fri, 2015-03-06 01:52
D-Link has begun to push out firmware updates for some of its home routers, to address three separate vulnerabilities that could allow remote code injection via access to the local area network, perform DNS hijacking, or exploit chipset utilities in the router firmware that expose configuration information.
The company said in an advisory that it will release several updates between now and March 10. The most critical flaw is a “ping” issue, which opens the door for all kinds of nefarious activity, according to the researchers that first discovered it.