Security

Krebs’ site under attack after alleged owners of DDoS-for-hire service were arrested

posted on September 11, 2016
by l33tdawg

After security journalist Brian Krebs exposed the DDoS-for-hire service, vDOS, and the alleged owners of the service were arrested, a massive attack was launched against the Krebs on Security site.

Last Thursday, Krebs wrote about vDOS and the two 18-year-old Israeli hackers running the DDoS attack service. In the past two years, the duo launched over 150,000 attacks and made at least $618,000. vDOS had been hacked and Krebs had obtained a copy of the vDOS database.

Hackers can steal data from 3D printers using just a smartphone

posted on September 9, 2016
by l33tdawg

In the years to come, 3D printing is going to be used for everything from helping create rocket engines to printing new heart valves. With those kinds of high-stakes, and often highly valuable, applications, it’s no wonder experts are concerned about the security risk posed by hackers.

One possible threat is explored in a new study by researchers at the University at Buffalo in New York entitled “My Smartphone Knows What You Print: Exploring Smartphone-Based Side-Channel Attacks Against 3D Printers.”

Chrome Browser To mark HTTP Connections As Insecure

posted on September 9, 2016
by l33tdawg

The lack of HTTPS web encryption will start triggering warnings in the Chrome browser, Google said.

The plan will go into effect in January with the release of Chrome 56 and will roll out in stages. Chrome 56 will display a "not secure" indicator before HTTP URLs in the browser's address bar, but only for those web pages that contain password or credit card form fields.

Intel is working on a permanent fix for a recent True Key bug

posted on September 9, 2016
by l33tdawg

If you’ve been having problems with Intel’s password manager True Key then you’re not the only one. After users reported login issues in recent weeks, Intel Security has confirmed that a planned upgrade on one of its network components failed twice, affecting users’ access to the software.

“An upgrade of a network component failed, which necessitated a reversion to previous configuration, but was delayed by a second equipment problem,” an Intel spokesperson said. “This was the first outage of this magnitude, the True Key app normally operates with well above 99 percent uptime.”

You Probably Shouldn't Connect Your Smartphone To A Rental Car

posted on September 8, 2016
by l33tdawg

If given the option, it can be hard not to connect your smartphone to a rental car—especially when that’s what you’re used to in your own vehicle. But doing so could give others access to enough of your personal information to track you down at your own home and tell you what you did all week.

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

posted on September 8, 2016
by l33tdawg

Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove.

Called Umbreon, after a Pokémon character that hides in the darkness, the rootkit has been in development since early 2015 and is now being sold on the underground markets. It targets Linux-based systems on the x86, x86-64 and ARM architectures, including many embedded devices such as routers.

Snagging creds from locked machines

posted on September 8, 2016
by l33tdawg

First off, this is dead simple and shouldn’t work, but it does. Also, there is no possible way that I’m the first one that has identified this, but here it is (trust me, I tested it so many ways to confirm it because I couldn’t believe it was true)

TL;DR USB Ethernet + DHCP + Responder == Creds

South Korea plans contactless authentication

posted on September 8, 2016
by l33tdawg

South Korea plans to roll out commercial services for personal authentication for online and mobile payments utilizing the short-range wireless technology used in credit cards, officials said Tuesday.

According to the Office of Government Policy Coordination, the government is set to approve the new service, which grants users personal authentication using Near Field Communication (NFC)-tagged credit cards. Commercial service is expected to begin late this year.

Half of network management systems vulnerable to injection attacks

posted on September 8, 2016
by l33tdawg

Cross-site scripting and SQL injection attacks are well-known threats for public-facing Web applications, but internal systems can be attacked as well. For example, about half of network management systems studied had these vulnerabilities, according to a report released today.

It all comes down to input validation, or lack of it, said Deral Heiland, research lead at Boston-based Rapid7, Inc. and one of the authors of the report.