Security

5 Reasons SAP Security Matters

posted on February 29, 2016
by l33tdawg

L33tdawg: If you're into SAP security, this training at #HITB2016AMS is for you

SAP enterprise applications play a mission-critical role at countless organizations around the world, yet relatively little is discussed about the potential consequences of successful cyberattacks on these apps.

Fixing the Internet's routing security is urgent and requires collaboration

posted on February 29, 2016
by l33tdawg

The Internet is fragile. Many of its protocols were designed at a time when the goal was rapid network expansion based on trust among operators. Today, the Internet's open nature is what makes it so great for business, education and communication, but the absence of security mechanisms at its core is something that criminals are eager to exploit.

Recent OS X security update breaks Ethernet for most Macs

posted on February 29, 2016
by l33tdawg

Did your Mac’s Ethernet port mysteriously stop working recently? If so, you could have fallen afoul of a nasty bug that was introduced in a recent OS X security update. Here’s how to fix it.

As pointed out on Reddit, a recent OS X security update called “031–51913 Incompatible Kernel Extension Configuration Data 3.28.1” blacklists the BCM5701 driver.

The only problem? Almost every Mac with an Ethernet port depends on that driver. And while Apple has since pulled that update from their servers, there’s a chance you might have been afflicted.

Samsung’s Android flagships get February security update

posted on February 29, 2016
by l33tdawg

Samsung has begun rolling out Android’s February security update for all of its recent flagships. The release is currently reaching unlocked units in most markets, and should be available to those branded by carriers soon.

The updates are available for the Galaxy S5, Galaxy S6, Galaxy S6 edge, Galaxy S6 edge+, Galaxy Note 4, and Galaxy Note 5, according to SamMobile — and they’re currently rolling out in markets throughout Asia, Australia, Europe, and the Americas.

Security Firms Join Forces to Help Unmask Sony Hackers

posted on February 25, 2016
by l33tdawg

The attack against Sony Pictures Entertainment in 2014 is one of the highest-profile and yet mysterious security breaches in recent years. Possible culprits have ranged from North Korea to disgruntled ex-employees, but "Operation Blockbuster," a multi-vendor report issued Feb. 24, blames attackers identified as the Lazarus Group and also claims that they are still active.

Hackers could hijack your computer via its vulnerable wireless mouse or keyboard

posted on February 25, 2016
by l33tdawg

L33tdawg: The folks from Bastille are running a 2-day IoT training at #HITB2016AMS in May which is well worth checking out.

Wireless mice and keyboards commonly communicate using proprietary protocols operating in the 2.4GHz ISM band. In contrast to Bluetooth, there is no industry standard to follow, leaving each vendor to implement their own security scheme. 

Does the Internet of Things need an indie security assessor?

posted on February 25, 2016
by l33tdawg

The Internet toaster that's browning your crumpets, talking to its home servers, and participating in a ransomware-distributing botnet should get the kind of cyber-safety testing that it gets for physical safety.

That is, at least, a growing view among Institute of Electrical and Electronic Engineers (IEEE) members, if an IEEE Spectrum piece by Tekla Perry is anything to go by.

The case for using iTunes, not iCloud, to back up your iPhone

posted on February 24, 2016
by l33tdawg

Since iOS 8 was released in September 2014, Apple has encrypted the local storage of all iPhones. That’s not news, but it’s become newly relevant since the company and the FBI started a very loud, very public fight about the data stored on a particular iPhone.

Privacy advocates have praised Apple’s commitment to full-device encryption by default, and after a false start last year, all new Android phones shipping with version 6.0 or higher should be encrypted by default as well. It’s an effective tool for keeping thieves from grabbing your data even if they can take your phone.