Skip to main content

Security

Most 'hackable' vehicles are Jeep, Escalade, Infiniti and Prius

posted onAugust 4, 2014
by l33tdawg

A report shared exclusively with CNNMoney shows that the 2014 Jeep Cherokee, 2015 Cadillac Escalade and 2014 Toyota Prius were the most 'hackable' of 20 car models reviewed by automotive security researchers. The 2014 Dodge Viper and 2014 Audi A8 were the least hackable.

Security researchers Charlie Miller and Chris Valasek did their analysis by looking at the technical configurations of different models; they did not actually remotely hack any of the cars in the report.

Twitter acquires password security startup Mitro

posted onAugust 1, 2014
by l33tdawg

Twitter has acquired a small startup called Mitro, which focuses on password security.

Mitro announced Thursday that it is joining Twitter in its New York office and will be "focusing on a variety of geo-related projects." The company will not be integrated into the social network, but rather keep working on its own products that let several people share passwords to one account.

Hackers can tap USB devices in new attacks, researcher warns

posted onAugust 1, 2014
by l33tdawg

USB devices such as keyboards, thumb-drives and mice can be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher has revealed.

Karsten Nohl, chief scientist with Berlin's SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.

'Internet of Things' full of vulnerabilities

posted onJuly 31, 2014
by l33tdawg

A recent research report [PDF] from HP's Fortify on Demand division found that seven out of ten of the most commonly used Internet of Things consumer devices contain serious security vulnerabilities.

Fortify on Demand said that some of the vulnerabilities include insufficient or non existent authentication mechanisms with weak passwords, data and firmware/software being transmitted in the clear without encryption, as well as insecure web interfaces for the devices.

BitTorrent's Bleep messenger is a secure, decentralized chat platform

posted onJuly 31, 2014
by l33tdawg

There's a distinctive sound your computer makes when an online friend is trying to get your attention. Sometimes its high pitched, other times its a low, warm tone, but regardless of your chat software, the onomatopoeia probably reads something like "bleep" which -- by no coincidence, we're sure -- is what BitTorrent is calling its new messaging platform. Unlike Google Hangouts, AIM or Skype, however, Bleep is a decentralized communication platform, design specifically to protect user metadata and anonymity.

Hackers have compromised the once anonymous Tor network

posted onJuly 31, 2014
by l33tdawg

The Tor anonymous encryption service offers internet users a way to surf the web with anonymity and prides itself on the level of security it offers. Well it looks as though the network was compromised earlier this year along with some user data, according to a recent Tor developer blog post. It also said that those who used Tor between early February and July 4th of this year "should assume" they have been in some way affected by the attack.

Former NSA director will file "at least" 9 patents to detect malicious hackers

posted onJuly 30, 2014
by l33tdawg

In an interview Monday with former National Security Agency Director General Keith Alexander, Foreign Policy's Shane Harris learned that Alexander plans to file “at least” nine patent applications—“and possibly more"—pertaining to technology for detecting network intruders.

How do hackers breach institutions like Canada's NRC?

posted onJuly 30, 2014
by l33tdawg

Cyberattacks like the one against the National Research Council of Canada are increasing around the world. But by knowing the steps hackers would use for a sophisticated attack, security experts try to gain the upper hand.

"Sometimes in breaches, companies call it a 'highly sophisticated cyberattack' (as the Government of Canada's chief technology officer said in a statement Tuesday) in order to make it seem like they were beaten by the best," Geoffrey Vaughan, a security consultant with Security Compass, told CTV News Channel.