A private encryption key embedded into widely used mission-critical routers could be exploited by hackers to attack electric substations, railroad switches, and other critical infrastructure, security researchers have warned.
In late 2010, Sean Brooks received three e-mails over a span of 30 hours warning that his accounts on LinkedIn, Battle.net, and other popular websites were at risk. He was tempted to dismiss them as hoaxes—until he noticed they included specifics that weren't typical of mass-produced phishing scams. The e-mails said that his login credentials for various Gawker websites had been exposed by hackers who rooted the sites' servers, then bragged about it online; if Brooks used the same e-mail and password for other accounts, they would be compromised too.
Next month the National Institute of Standards and Technology (NIST) plans to put out for public review its draft for a new government encryption standard that, when finalized, is going to compel federal agencies with older websites to replace them.
Swinburne and Taiwanese researchers have demonstrated technology that can use a single laser beam to create 3D polarization in nanomaterials.
What’s cool about this is that they demonstrate that the polarization can be used to encrypt information – as well as expanding the storage capacity of optical media like DVDs.
During the past week, I had an idea on how to easily red flag potential employers: ask to see one row of their user table, and look at the password field. If the password is in plaintext, then run for the door.
When companies such as Blizzard are suffering from authentication system hacks, and appear to be vulnerable to dictionary-style attacks, then there exists a problem that is endemic across the industry.
The combination of security methods built into Apple's iOS mobile operating system make it practically impossible to crack, according to the National Security Agency's standards, reports Technology Review.
Research by the Ponemon Institute found half of the 4000 business and IT managers surveyed host sensitive or confidential data in cloud environments.
It also found 61 per cent of respondents believe cloud adoption has increased their companies' security posture.
The libfvde project's open source library and tools allow users to access data on volumes that have been encrypted with Apple's FileVault2 hard disk encryption program on Mac OS X 10.7 Lion. With libfvde and fvdetools, these volumes can be read using either a Mac OS X or a Linux system.
Research in Motion refuted on Wednesday a new round of Indian media reports, which claim that the BlackBerry maker has granted the Indian government the encryption keys to its secure corporate email and messaging services.
India is one of the Canadian smartphone maker's few growing markets, where it is expanding aggressively. The company is facing falling sales elsewhere as customers abandon the BlackBerry in favour of Apple's iPhone and a slew of devices using Google Inc's Android software, leading to RIM's shares falling by more than 50 percent over the past one year.
LastPass has added two new security features to its popular online password management system; access via TOR (The Onion Router) has been disabled and users can now limit logins to specific countries.
Premium users of the system can already enable two-factor authentication (or limit access to specific computers) as well as increase SHA-256 iterations to confuse brute-forcing of passwords but the company hopes that outlawing access via the anonymising TOR system will cut off another avenue of attack.
